Bugtraq mailing list archives

[KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html

From: addmimistrator () gmail com
Date: 28 Jun 2006 06:50:59 -0000

ORIGINAL ADVISORY:
http://kapda.ir/page-advisory.html
http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html

-Summary-
Software: MyBB
Sowtwares Web Site: http://www.mybboard.com
Versions: 1.1.4
Class: Remote
Status: Patched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: Medium
Description
There is a security bug in MyBB 1.1.4 software (latest version fully patched) that allows attacker initualize arbitary 
varables with arbitary values and perform many attck kinds same SQLINJECTION attack.
READ ORIGINAL ADVISORY FOR MORE DETAIL

Current thread:

[KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html addmimistrator (Jun 28)