Published: 05/08/2006 Updated: 29/04/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message board) 1.9.6 Alpha and previous versions allows remote malicious users to execute arbitrary SQL commands via the u2uid parameter to u2u.php, which is directly accessed from $_POST and bypasses the protection scheme.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xmb software xmb forum

#!/usr/bin/php -q -d short_open_tag=on <? echo "XMB <= 196 'u2uid' SQL injection / admin credentials disclosure\n"; echo "by rgod rgod@autisticiorg\n"; echo "site: retrogodaltervistaorg\n"; echo "dork: \"Powered by XMB\"\n\n"; /* works with magic_quotes=off Mysql >= 41 (allowing subs) */ if ($argc<5) { echo "Usage: php " ...

NVD-CWE-Other http://www.securityfocus.com/bid/19280 http://secunia.com/advisories/21293 http://www.vupen.com/english/advisories/2006/3088 https://exchange.xforce.ibmcloud.com/vulnerabilities/28159 https://www.exploit-db.com/exploits/2105 https://docs.xmbforum2.com/index.php?title=Security_Issue_History https://nvd.nist.gov https://www.exploit-db.com/exploits/2105/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-3994

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect