Search
Home

imei Addmimistrator’s BugBlog

imei’s security Advisories and researches

« MyBB 1.0.2~search.php~XSS Attack
MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS »

MyBB1.0.3~moderation.php~SqlInject while merging posts

——————-Summary—————-
Software: MyBB
Sowtware’s Web Site: http://www.mybboard.com
Versions: 1.0.3
Class: Remote
Status: Unpatched
Solution:Not Available
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: high
—————–Description—————
There is a security bug in MyBB 1.0.3 software (latest version fully patched) file moderation.php that allows attacker performe an SQLINJECTION attack. bug is in result of poor checking quotes for “posts” input variable. Attacker with enough permissions in moderation and merging posts can perform any one of UPDATE / DELETE / and SELECT query on db.
————–Exploit———————-
mybb/moderation.php?posts=[firstpid]|[secondpid][SQL]
&tid=[containertid]&action=do_multimergeposts&sep=hr
————–Solution———————
Not Available
————–Credit———————–
Discovered by: imei addmimistrator
addmimistrator[4]gmail[O]com
www.myimei.com
security.myimei.com

Posted by imei on Tuesday, February 7th, 2006 at 8:31 pm.

2 Responses to “MyBB1.0.3~moderation.php~SqlInject while merging posts”

    xploits

    Left by ivan tk on February 17th, 2006

    http://www.frsirt.com/english/advisories/2006/0475

    Left by imei on February 24th, 2006

Something to say?

You must be logged in to post a comment.