id: arcade-php-sqli
info:
name: Arcade.php - SQL Injection
author: MaStErChO
severity: high
description: |
The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
reference:
- https://www.exploit-db.com/exploits/29604
- https://github.com/OWASP/vbscan/
metadata:
verified: true
max-request: 1
tags: arcade,php,vbulletin,sqli
http:
- method: GET
path:
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "mySQL query error"
- type: status
status:
- 200