lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+WgLh9AHgE57KGfi1kSk-Cgj+V9BndsBjLbmyrcuBmVJ6PYMg@mail.gmail.com>
Date: Sat, 23 Jun 2012 03:47:44 +0100
From: coptang <coptang@...il.com>
To: Henri Salo <henri@...v.fi>, bugtraq@...urityfocus.com, Amir@...st.ir
Subject: Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy

On 22 June 2012 07:58, Henri Salo <henri@...v.fi> wrote:
>> #########################################################################################
>> #
>> # Expl0iTs :
>> #
>> # [TarGeT]/Patch/announcements.php?aid=1[Sql]
>> #
>> #
>> #########################################################################################
>
> Could not reproduce. Could you give working PoC?
>
> - Henri Salo

Agreed, untested but this looks sanitised well enough to me:

Code from version 1.6.8 (and 1.6.7 / 1.6.6): http://www.mybb.com/download/latest

$aid = intval($mybb->input['aid']);

Can't see where in the page it's used unsanitised

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ