Jump to content
Nytro

MyBB (editpost.php, posthash) SQL Injection Vulnerability

By Nytro, in Exploituri

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

[h=1]MyBB (editpost.php, posthash) SQL Injection Vulnerability[/h]

MyBB <1.6.9 is vulnerable to Stored, Error based, SQL Injection.

Vulnerable code:

/editpost.php

===
Line 398
===
$posthash_query = "posthash='{$posthash}' OR ";
===


It can be done by using Tamper Data(Or Live HTTP Headers), and when
submitting a post, edit the 'posthash' POST parameter to your payload,
submitting, then going to edit your post.


Small "HOWTO" in picture: http://imgur.com/a/JxfEI

This bug was not found by me, but afaik, I am the first one to release it.


-- 
*Joshua Rogers* - Retro Game Collector && IT Security Specialist
gpg pubkey <http://www.internot.info/docs/gpg_pubkey.asc.gpg>

Sursa: MyBB (editpost.php, posthash) SQL Injection Vulnerability

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...