GulfTech Computers - Professional Computer Services  
Invision Power Board SQL Injection Vuln
December 17, 2021


Vendor : Invision Power Services
URL : http://www.invisionpower.com
Version : All Versions Up To v1.1
Risk : SQL Injection Vulnerability
BID : http://www.securityfocus.com/bid/9232


Description:
Invision Power Board (IPB) is a professional forum system built from the ground up with speed and security in mind, taking advantage of object oriented code, highly optimized SQL queries, and the fast PHP engine. A comprehensive administration control panel is included to help keep the board running smoothly. Moderators get a full range of options via built-in tools and a moderator control panel, and members can subscribe to topics, send private messages, and perform a host of other actions through the user control panel. It is used by millions of people around the world.


Problem:
Invision Power Board is vulnerable to SQL injection through the sort_key parameter of the forum topic listing, which is placed directly into the ORDER BY clause of the query. All versions up to 2.0 Alpha 3 appear to be affected. Below is an example URL to test whether an installation is vulnerable.

/index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[Problem_Is_Here]

If the installation is vulnerable (most are at the time of writing) an error message similar to the one below is returned, showing the injected value inside the query. The only requirements are knowing a valid forum number and having read access to that forum (the forum must be viewable by the requesting user).



mySQL query error: SELECT * from ibf_topics WHERE forum_id=2 and approved=1 
and (last_post > 0 OR pinned=1) ORDER BY pinned DESC, [Problem_Is_Here] DESC 
LIMIT 0,15
mySQL error: You have an error in your SQL syntax near '[Problem_Is_Here] 
DESC LIMIT 0,15' at line 1
mySQL error code: 
Date: Saturday 13th of December 2003 01:25:30 AM
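The query in the error output above cannot be fixed by simply quoting the value, because ORDER BY takes a column name, not a string literal. The following Python example (added here; it is not GulfTech's or Invision Power Services' code) rebuilds that query against a constructed, invented ibf_topics table in SQLite so the behaviour can be run offline. It shows the advisory's error probe, a hypothetical blind payload that uses the sort order of visible topics to answer a yes/no question about a row the reader is not allowed to see, and the usual fix of mapping sort_key onto a fixed whitelist of column names. Function names, the schema and the sample rows are assumptions for this example; SQLite stands in for MySQL, whose error text the advisory shows.

```python
import sqlite3

# Constructed toy copy of the ibf_topics query shown in the advisory's error output.
# The schema and rows are invented for this example and are not IPB's real schema.
SCHEMA = """
CREATE TABLE ibf_topics (
    tid INTEGER PRIMARY KEY,
    forum_id INTEGER,
    approved INTEGER,
    last_post INTEGER,
    pinned INTEGER,
    title TEXT
);
"""
ROWS = [
    (1, 2, 1, 100, 0, "alpha"),
    (2, 2, 1, 300, 0, "bravo"),
    (3, 2, 1, 200, 1, "charlie"),
    (4, 2, 0, 400, 0, "delta"),  # unapproved: the WHERE clause hides it from readers
]


def open_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO ibf_topics VALUES (?, ?, ?, ?, ?, ?)", ROWS)
    return conn


def vulnerable_topic_list(conn, forum_id, sort_key, limit=15):
    """Builds the query the way the advisory's error output shows it: sort_key is
    concatenated straight into ORDER BY, so whatever the user supplies runs as SQL."""
    sql = (
        f"SELECT tid FROM ibf_topics WHERE forum_id={int(forum_id)} AND approved=1 "
        f"AND (last_post > 0 OR pinned=1) "
        f"ORDER BY pinned DESC, {sort_key} DESC LIMIT 0,{int(limit)}"
    )
    return [row[0] for row in conn.execute(sql)]


def probe_gives_sql_error(conn, forum_id, sort_key):
    """Replays the advisory's test: a garbage sort_key that produces a database error
    (instead of an empty or unchanged listing) shows the value reaches the SQL engine."""
    try:
        vulnerable_topic_list(conn, forum_id, sort_key)
    except sqlite3.Error:
        return True
    return False


def oracle_sort_key(condition):
    """Hypothetical blind payload for the ORDER BY position: when `condition` is true
    the listing is sorted by last_post DESC, otherwise by last_post ASC, so the order
    of the visible topics leaks one bit about data the reader cannot see directly."""
    return f"(CASE WHEN ({condition}) THEN last_post ELSE -last_post END)"


# Fix: the only sort keys the application actually offers, keyed by the public name.
SORT_KEYS = {"last_post": "last_post", "title": "title", "tid": "tid"}


def hardened_topic_list(conn, forum_id, sort_key, limit=15):
    """ORDER BY cannot take a bound parameter, so map the user's sort_key onto the
    whitelist above and bind every value that can be bound."""
    column = SORT_KEYS.get(sort_key)
    if column is None:
        raise ValueError(f"unsupported sort_key: {sort_key!r}")
    sql = (
        "SELECT tid FROM ibf_topics WHERE forum_id=? AND approved=1 "
        "AND (last_post > 0 OR pinned=1) "
        f"ORDER BY pinned DESC, {column} DESC LIMIT 0,?"
    )
    return [row[0] for row in conn.execute(sql, (int(forum_id), int(limit)))]


if __name__ == "__main__":
    db = open_sample_db()
    print(vulnerable_topic_list(db, 2, "last_post"))
    print(probe_gives_sql_error(db, 2, "[Problem_Is_Here]"))
    # Topic 4 is unapproved and never listed, yet facts about it can be inferred
    # from the order in which the visible topics come back.
    hidden = "(SELECT count(*) FROM ibf_topics WHERE title='delta')=1"
    print(vulnerable_topic_list(db, 2, oracle_sort_key(hidden)))
    print(hardened_topic_list(db, 2, "last_post"))
```

With the constructed data the normal listing is [3, 2, 1]; the oracle payload returns the same order when its condition is true and [3, 1, 2] when it is false, which is all an attacker needs to extract data one bit per request. The hardened version returns the same rows for a known key and rejects anything else before it reaches the database.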


Solution:
Invision Power Services has released a fix for this issue. [ IPB Security Fix ]


Credits:
Credits go to JeiAr of the GulfTech Security Research Team.






© Copyright 2002 - GulfTech Computers, All Rights Reserved