Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access

EDB-ID:

32422

CVE:

N/A


Author:

StAkeR

Type:

webapps


Platform:

PHP

Date:

2008-09-25


source: https://www.securityfocus.com/bid/31408/info

Vikingboard is prone to an unauthorized-access vulnerability.

Successfully exploiting this issue can allow attackers to register and log in as existing users.

Vikingboard 0.2 Beta is vulnerable; other versions may also be affected.

The following example account registration data is available:

Username: [username][whitespace characters]NULL
Password: [password]
E-Mail: [E-Mail]