Bugtraq mailing list archives
Re: mybb v1.1.1(rss.php) SQL Injection Exploit
From: "Steven M. Christey" <coley () mitre org>
Date: Thu, 25 May 2006 01:52:34 -0400 (EDT)
Found By: Breeeeh & CrAzY CrAcKeR
$comma = " - ";
...
$title .= $comma.$forum['name'];
...
$comma = ", ";
This code snippet sets the $comma variable to static values, so it doesn't look like the attacker can control them.
Example: /rss.php?...$comma=[SQL]
Given the previous code snippet, how can $comma be modified from this URL?

- Steve