| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 7 Feb 2006 22:56:23 -0000 From: addmimistrator@...il.com To: bugtraq@...urityfocus.com Subject: [myimei]MyBB1.0.3~moderation.php~SqlInject while merging posts ORIGINAL ADVISORY : http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.0.3 Class: Remote Status: Unpatched Exploit: Available Discovered by: imei addmimistrator Risk Level: high —————–Description————— There is a security bug in MyBB 1.0.3 software (latest version fully patched) file moderation.php that allows attacker performe an SQLINJECTION attack. bug is in result of poor checking quotes for “posts” input variable. Attacker with enough permissions in moderation and merging posts can perform any one of UPDATE / DELETE / and SELECT query on db. ————–Exploit———————- mybb/moderation.php?posts=[firstpid]|[secondpid]‘[SQL] &tid=[containertid]&action=do_multimergeposts&sep=hr ————–Solution——————— Not Available ————–Credit———————– Discovered by: imei addmimistrator addmimistrator[4]gmail[O]com www.myimei.com security.myimei.com original advis: http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html
Powered by blists - more mailing lists