| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Mar 2007 23:29:50 +0100 From: Bastian Ahrens <mail@...ks.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: [Full-disclosure] Woltab Burning Board SQL Injection usergroups.php Hi out there, seems to be quite the same exploit as the one appeared in middle January which isn't very public and was marked as "private". The exploit code is nearly the same such as the bug. For a quick fix change the following line if (is_array($_POST['applicationids'])) while (list($applicationid, $val) = each($_POST['applicationids'])) if ($val == 1) $deleteids[] = $applicationid; to this if (is_array(intval($_POST['applicationids']))) while (list($applicationid, $val) = each($_POST['applicationids'])) if ($val == 1) $deleteids[] = $applicationid; Greets /ba PS: I just got informed that it's the same crew discovered this bug as the last time. x666@...e-mail.net wrote: > Hi, > > A new SQL Injection in the wbb2.x > > [CODE] > > [...] > > [/CODE] > > > > [EXPLOIT] > > [...] > > [/EXPLOIT] > > Greets, > 666 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists