Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

mybb v1.1.1(showthread.php) SQL Injection Exploit

From: Breeeeh () hotmail com
Date: 9 May 2006 10:12:39 -0000
----------------------------------
foud by: Breeeeh
Site: http://www.alshmokh.com
Email: Breeeeh () hotmail com
----------------------------------

$query = $db->query("SELECT pid FROM ".TABLE_PREFIX."posts WHERE tid='$tid' $visible ORDER BY dateline LIMIT $start, 
$perpage");
                while($getid = $db->fetch_array($query)) {
                        $pids .= "$comma'$getid[pid]'";
                        $comma = ",";
                }

-------------------

example:
/showthread.php?...$comma=[SQL]
Previous By Date Next
Previous By Thread Next

Current thread: