Published: 06/03/2006 Updated: 18/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
g2soft pentacle in-out board 6.03

#!/usr/bin/perl #Method found & Exploit scripted by nukedx #Contacts > ICQ: 10072 MSN/Main: nukedx@nukedxcom web: wwwnukedxcom #Usage: pentapl <victim> <directory> #Original Advisory: wwwnukedxcom/?viewdoc=14 use IO::Socket; if(@ARGV < 3){ print " +****************************************************************** ...

NVD-CWE-Other http://www.nukedx.com/?viewdoc=13 http://www.nukedx.com/?viewdoc=14 http://www.securityfocus.com/bid/16818 http://securitytracker.com/id?1015682 http://secunia.com/advisories/19024 http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042525.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042524.html http://www.vupen.com/english/advisories/2006/0749 http://www.securityfocus.com/archive/1/426075/100/0/threaded http://www.securityfocus.com/archive/1/426074/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1528/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-1000

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect