16th Apr 2003 [SBWID-6162]
COMMAND
	Instaboard SQL injection
SYSTEMS AFFECTED
	NetPleasure's Instaboard 1.3
PROBLEM
	Jim Dew [jdew(at)cleannorth.org] reported SQL injection vulnerabilities
	in the following request parameters (the value following each id is
	passed unvalidated into a database query):
	
	http://server/instaboard/index.cfm?frmid=1%20AND%20u.userid%20IN%20(select%20userid%20from%20users)
	http://server/instaboard/index.cfm?frmid=1&tpcid=1%20SQL
	http://server/instaboard/index.cfm?frmid=1%20SQL&tpcid=1
	http://server/instaboard/index.cfm?pr=replymsg&frmid=1&tpcid=1%20SQL&msgid=11
	http://server/instaboard/index.cfm?pr=replymsg&frmid=1&tpcid=1&msgid=11%20SQL
	http://server/instaboard/index.cfm?catid=1%20SQL
	
SOLUTION
	If you have the licensed version of the product, protect the numerical
	values within the CFQUERY tags so that only a number reaches the query.
	For example, in queries/oraclen/qry_GetOriginalMessage.cfm change
	
	  WHERE m.tpcid = #tpcid#
	  AND m.userid = u.userid
	  AND m.msgid = #msgid#
	
	to
	
	  WHERE m.tpcid = #VAL(tpcid)#
	  AND m.userid = u.userid
	  AND m.msgid = #VAL(msgid)#
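	As an added illustration (not part of the advisory and not NetPleasure's
	own code), the same WHERE clause is shown below with the numeric
	parameters bound through cfqueryparam with cf_sql_integer instead of
	interpolated into the SQL text, preceded by a cfparam type check that
	rejects a non-numeric value before the query runs. Only m.tpcid,
	m.msgid, m.userid, u.userid and the users table come from the advisory;
	the query name, the datasource variable, the selected columns and the
	messages table name are assumptions made for the example.

```cfml
<!--- Assumed request parameters; cfparam with type="numeric" throws
      if the URL carries anything that is not a number, so a value such
      as "1 SQL" never reaches the query. --->
<cfparam name="url.tpcid" type="numeric">
<cfparam name="url.msgid" type="numeric">

<!--- qGetOriginalMessage, application.dsn and the messages table are
      assumed names for this example. --->
<cfquery name="qGetOriginalMessage" datasource="#application.dsn#">
  SELECT m.msgid, m.tpcid, m.userid, u.userid AS author
  FROM   messages m, users u
  WHERE  m.tpcid  = <cfqueryparam value="#url.tpcid#" cfsqltype="cf_sql_integer">
  AND    m.userid = u.userid
  AND    m.msgid  = <cfqueryparam value="#url.msgid#" cfsqltype="cf_sql_integer">
</cfquery>
```

	A note on the advisory's own fix: VAL() keeps only the leading number
	of its argument, so "1 SQL" becomes 1 and a value with no leading digits
	becomes 0 rather than raising an error; the injected text is discarded,
	but code that treats id 0 as meaningful should be checked. cfqueryparam
	has the additional benefit that the database receives the value as a
	bound integer parameter, which also removes the string-to-SQL
	interpolation that made the injection possible.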