MyBB version 1.4.8 suffers from a SQL injection vulnerability in search.php.
e23e4b06ed3aec14e7d8684c59c3794726b6a66fc56c1a81a52e4ff020d1d521##########################
# mybb v1.4.8 search.php blind/query based sql injection vulns
# author: $qL_DoCt0r
# msn: sidthesloth@windowslive.com
# blog: http://full-discl0sure.blogspot.com
# moderator of: http://hackwarez.net
##########################
search.php fails to correctly sanitise the user input validation allowing
error based and query based sql injection to discreetly extract
undisclosed information from the sql database
simple query: ' or 1=1--
blind query: ' having 1=1--
must be registered on forum with 2+ posts for this to work :P
solution: simple add a simple sanitiser for $sqlstring and the search
input variable
!
#GREETINGS: TheMindRapist ~ Qabandi ~ Mr.SQL ~ WEbDEvil
--
--------------------------------------------------------------
This email was sent using Telecom SchoolZone.
www.schoolzone.net.nz
This email has been scanned for viruses by Telecom SchoolZone,
but is not guaranteed to be virus-free.
--------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed