Bugtraq mailing list archives
[myimei]MyBB1.0.3~moderation.php~SqlInject while merging posts
From: addmimistrator () gmail com
Date: 7 Feb 2006 22:56:23 -0000
ORIGINAL ADVISORY: http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html

-Summary-
Software: MyBB Software
Web Site: http://www.mybboard.com
Versions: 1.0.3
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: high

-Description-
There is a security bug in MyBB 1.0.3 software (latest version, fully patched), in the file moderation.php, that allows an attacker to perform an SQL injection attack. The bug is the result of poor checking of quotes for the posts input variable. An attacker with enough permissions in moderation and merging posts can perform any one of UPDATE / DELETE / and SELECT query on the db.

-Exploit-
mybb/moderation.php?posts=[firstpid]|[secondpid][SQL] &tid=[containertid]&action=do_multimergeposts&sep=hr

-Solution-
Not Available

-Credit-
Discovered by: imei addmimistrator
addmimistrator[4]gmail[O]com
www.myimei.com
security.myimei.com
original advis: http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html
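With no fix available, one defensive step is to review web server logs for merge requests whose posts value is anything other than decimal post ids joined by "|", the shape shown in the advisory's URL. The following is an added example, not part of the original advisory or of MyBB; it assumes GET requests recorded in combined log format, and the function name and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Expected shape from the advisory's URL: posts=[firstpid]|[secondpid],
# i.e. decimal post ids joined by "|" and nothing else.
VALID_POSTS = re.compile(r"\d+(?:\|\d+)*")
# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def suspicious_merge_requests(log_lines):
    """Return (line_number, decoded_posts_value) for do_multimergeposts
    requests to moderation.php whose posts value is not a pure id list."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.endswith("/moderation.php"):
            continue
        # parse_qs percent-decodes values, so encoded quotes are caught too.
        params = parse_qs(url.query, keep_blank_values=True)
        if "do_multimergeposts" not in params.get("action", []):
            continue
        for value in params.get("posts", []):
            if not VALID_POSTS.fullmatch(value):
                hits.append((number, value))
    return hits


# Constructed sample lines (documentation IP range), not from a real server.
SAMPLE = [
    '192.0.2.10 - - [07/Feb/2006:22:40:01 +0000] "GET /mybb/moderation.php'
    '?posts=10|11&tid=5&action=do_multimergeposts&sep=hr HTTP/1.1" 200 512',
    '192.0.2.10 - - [07/Feb/2006:22:41:17 +0000] "GET /mybb/moderation.php'
    '?posts=10%7C11%27&tid=5&action=do_multimergeposts&sep=hr HTTP/1.1" 200 512',
    '192.0.2.11 - - [07/Feb/2006:22:42:03 +0000] "GET /mybb/showthread.php'
    '?tid=5 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for number, value in suspicious_merge_requests(SAMPLE):
        print(f"line {number}: unexpected posts value {value!r}")
```

Parameters sent in a POST body do not appear in access logs, so this check only covers requests that carry posts in the URL.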