mybb v1.1.1(rss.php) SQL Injection Exploit
- From: Breeeeh@xxxxxxxxxxx
- Date: 18 May 2006 15:35:43 -0000
----------------------------------
Foud By: Breeeeh & CrAzY CrAcKeR
Site: www.alshmokh.com
Email:Breeeeh@xxxxxxxxxxx
----------------------------------
$query = $db->query("SELECT * FROM ".TABLE_PREFIX."forums f WHERE 1=1 $forumlist");
$comma = " - ";
while($forum = $db->fetch_array($query))
{
$title .= $comma.$forum['name'];
$forumcache[$forum['fid']] = $forum;
$comma = ", ";
----------------------------------
Example:
/rss.php?...$comma=[SQL]
- Prev by Date: Re: Checkpoint SYN DoS Vulnerability
- Next by Date: Re: Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
- Previous by thread: [SECURITY] [DSA 1072-1] New Nagios packages fix arbitrary code execution
- Next by thread: Re: mybb v1.1.1(rss.php) SQL Injection Exploit
- Index(es):
