Full Disclosure mailing list archives
Re: Woltab Burning Board SQL Injection usergroups.php
From: Bastian Ahrens <mail () b3cks com>
Date: Thu, 15 Mar 2007 23:29:50 +0100
Hi out there, seems to be quite the same exploit as the one appeared in middle January which isn't very public and was marked as "private". The exploit code is nearly the same such as the bug. For a quick fix change the following line if (is_array($_POST['applicationids'])) while (list($applicationid, $val) = each($_POST['applicationids'])) if ($val == 1) $deleteids[] = $applicationid; to this if (is_array(intval($_POST['applicationids']))) while (list($applicationid, $val) = each($_POST['applicationids'])) if ($val == 1) $deleteids[] = $applicationid; Greets /ba PS: I just got informed that it's the same crew discovered this bug as the last time. x666 () Safe-mail net wrote:
Hi, A new SQL Injection in the wbb2.x [CODE] [...] [/CODE] [EXPLOIT] [...] [/EXPLOIT] Greets, 666 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Woltab Burning Board SQL Injection usergroups.php x666 (Mar 14)
- Re: Woltab Burning Board SQL Injection usergroups.php Bastian Ahrens (Mar 15)