"futureforum" forum script
download from: http://futurerealm.com/forum/futureforum.htm
problem description:
missing input validation in the parameter "branch_no"
allows an attacker to execute arbitrary SQL commands.
combined with MySQL and the "INTO OUTFILE" statement
this can be extremely dangerous :-)
example:
http://www.dumbiassi.com/futureforum.cgi?branch_no=0%25'+into+outfile+'/tmp/sq'%00
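the fix is the usual one: treat "branch_no" as an integer id, reject anything else before it reaches the database, and bind the value as a query parameter instead of pasting it into the SQL text. the following is an added example written for this advisory, not code from the futureforum script (whose source is not on this page); it assumes branch_no is a plain integer and uses sqlite3 as a stand-in for MySQL so it runs offline. the query string in the test is the advisory's own example URL, used here only to show that the validator rejects it.

```python
"""
Added example (not the futureforum script's own code): safe handling of the
"branch_no" CGI parameter. Assumption: branch_no is a small positive integer.
sqlite3 stands in for MySQL so the example runs offline.
"""
import re
import sqlite3
from urllib.parse import parse_qs

# Only 1-9 ASCII digits are acceptable. Percent-encoded bytes such as %25 ('%')
# or %00 (NUL) are decoded by parse_qs before validation, so a payload that
# decodes to quotes, spaces or NUL bytes never matches.
BRANCH_NO_RE = re.compile(r"[0-9]{1,9}")


def parse_branch_no(raw):
    """Return the integer id, or None if the decoded value is not a plain integer."""
    if raw is None or BRANCH_NO_RE.fullmatch(raw) is None:
        return None
    return int(raw)


def branch_no_from_query(query_string):
    """Extract and validate branch_no from a raw CGI QUERY_STRING.

    Exactly one branch_no value is required; duplicates (HTTP parameter
    pollution) are rejected rather than silently taking the first or last.
    """
    params = parse_qs(query_string, keep_blank_values=True)
    values = params.get("branch_no")
    if not values or len(values) != 1:
        return None
    return parse_branch_no(values[0])


def build_demo_db():
    """Constructed in-memory table standing in for the forum's branch table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE branches (branch_no INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany(
        "INSERT INTO branches VALUES (?, ?)",
        [(0, "root"), (1, "general"), (2, "off-topic")],
    )
    return conn


def lookup_branch(conn, query_string):
    """Validated id + bound parameter: the value can never alter the SQL text."""
    branch_no = branch_no_from_query(query_string)
    if branch_no is None:
        return None
    row = conn.execute(
        "SELECT title FROM branches WHERE branch_no = ?", (branch_no,)
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_demo_db()
    # The advisory's example query string: rejected before any SQL is built.
    hostile = "branch_no=0%25'+into+outfile+'/tmp/sq'%00"
    print("hostile ->", lookup_branch(db, hostile))
    print("branch 2 ->", lookup_branch(db, "branch_no=2"))
```

the two defences are independent: the integer check alone would stop this payload, and the bound parameter alone would stop the quote-breakout, but keeping both means a later change to the accepted format (say, allowing names) does not silently reopen the hole.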
RC-EOF