BugTraq
Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 21 2012 02:44PM
Amir irist ir (1 replies)
Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 22 2012 06:58AM
Henri Salo (henri nerv fi) (2 replies)
Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 23 2012 02:47AM
coptang (coptang gmail com)
On 22 June 2012 07:58, Henri Salo <henri (at) nerv (dot) fi [email concealed]> wrote:
>> #########################################################################################
>> #
>> # Expl0iTs :
>> #
>> # [TarGeT]/Patch/announcements.php?aid=1[Sql]
>> #
>> #
>> #########################################################################################
>
> Could not reproduce. Could you give working PoC?
>
> - Henri Salo

Agreed, untested but this looks sanitised well enough to me:

Code from version 1.6.8 (and 1.6.7 / 1.6.6): http://www.mybb.com/download/latest

$aid = intval($mybb->input['aid']);

Can't see where in the page it's used unsanitised.

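An added PHP example (not MyBB's code) that models the `intval()` cast coptang quotes from announcements.php and shows what value actually reaches a query for the reported `aid=1[Sql]` input form; the query builder and the sample inputs are constructed for the demonstration.

```php
<?php
// Added example, not MyBB's own code: models the one line quoted from
// MyBB 1.6.8 announcements.php and what it does to hostile-looking input.

// Mirrors "$aid = intval($mybb->input['aid']);" from the thread.
function sanitize_aid(array $input): int
{
    return intval($input['aid'] ?? 0);
}

// Hypothetical query builder (no DB access): only the already-cast
// integer is interpolated, which is the pattern the quoted line implies.
function build_announcement_query(int $aid): string
{
    return "SELECT * FROM announcements WHERE aid='" . $aid . "'";
}

// Constructed inputs: a normal request, the PoC form from the report,
// a stray quote, and a non-numeric value.
$samples = [
    ['aid' => '1'],
    ['aid' => '1[Sql]'],
    ['aid' => "1'"],
    ['aid' => 'abc'],
];

foreach ($samples as $in) {
    $aid = sanitize_aid($in);
    // intval() yields 1, 1, 1 and 0 respectively: every value is a plain
    // integer, so nothing from the parameter can alter the SQL structure.
    printf(
        "%-10s -> aid=%d  query: %s\n",
        var_export($in['aid'], true),
        $aid,
        build_announcement_query($aid)
    );
}
```

The check a reviewer would still want, as coptang notes, is a grep of the page for any other use of the raw `$mybb->input['aid']` that bypasses the cast.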
Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 22 2012 08:13PM
Yaniv Shaked (yaniv0a gmail com) (1 replies)
Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 26 2012 04:46PM
Gianluca Brindisi (g brindi si)
Copyright 2010, SecurityFocus