Powie's PHP Forum 1.14 is vulnerable to an SQL injection attack. Exploitation allows an attacker to log in as any user, including admin, without authentication. With admin access, an attacker can modify discussions, change configurations, etc. Attackers could also impersonate other users.

This can be accomplished trivially by submitting the following string as the user name: "admin' OR username='admin". This appends "OR username='admin'" to the user authentication SQL query, so that the query retrieves user information either for the given user and password, or for just the requested user (because of the appended SQL).

The "Magic Quotes" option in PHP must be disabled for this attack to be successful. When it is enabled, "Magic Quotes" escapes quotation marks to reduce the effectiveness of this sort of attack.
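The login bypass described above, reproduced against a constructed in-memory SQLite table beside a parameterized version of the same check. This is an added example in Python, not the forum's own PHP code; the table layout, the query shape and the function names are assumptions.

```python
import sqlite3

def make_db():
    """Build an in-memory user table with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    # Plaintext passwords keep the demo short; a real table stores salted hashes.
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "constructed-admin-secret"),
                    ("alice", "constructed-alice-secret")])
    return db

def login_concatenated(db, username, password):
    """Vulnerable pattern: user input is pasted into the SQL text."""
    # Assumed query shape; the forum's real query is not shown in the advisory.
    sql = ("SELECT username FROM users WHERE username='" + username +
           "' AND password='" + password + "'")
    # With the advisory's string the WHERE clause becomes
    #   username='admin' OR username='admin' AND password='...'
    # AND binds tighter than OR, so the first test alone matches the row.
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    """Hardened pattern: input is bound as data and never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    row = db.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

def demo():
    """Run both login checks with valid, wrong and injected input."""
    db = make_db()
    payload = "admin' OR username='admin"  # the string quoted in the advisory
    good = "constructed-admin-secret"
    return {
        "concat_valid": login_concatenated(db, "admin", good),
        "concat_wrong_pw": login_concatenated(db, "admin", "wrong"),
        "concat_payload": login_concatenated(db, payload, "wrong"),
        "param_payload": login_parameterized(db, payload, "wrong"),
        "param_valid": login_parameterized(db, "admin", good),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The parameterized check rejects the injected user name regardless of any quote-escaping setting, because the driver binds it as a literal value instead of splicing it into the statement.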