Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago Amir reported SQL-injection in 1.6.8
#1
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
Hello,

I noticed security vulnerability report in mailing list: http://seclists.org/bugtraq/2012/Jun/29

I tried to verify this without success (usual scenario with Amir). Could someone verify this is not valid issue?
Reply
#2
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
This is not a valid issue. warning_level is not a valid action within member.php.
Reply
#3
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
Thank you fast response.
Reply
#4
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
i have a question.
did anyone reports bugs from mybb a few days ago?
mr fgeek published one of them and i want to publish another one.
im not sure, please check http://packetstormsecurity.org/files/113300/MyBB-1.6.8-SQL-Injection.html and tell me is this a bug? or not?
Reply
#5
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
Again, it's an invalid report. It's a vulnerability within a plugin not within MyBB.
Reply
#6
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
What plugin is this bug?

I have a site for a demo http://www.mihanhack.com/forums/member.php?action=profile&uid=9 '

The full explanation is unraveling, ohh Please do harm Dhdyd
Reply
#7
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
I believe it's this plugin: http://mybbsource.com/thread-3991.html
Reply
#8
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
Are you sure this is really an inconvenience unraveling, ohh?

This is because I http://www.mihanhack.com/forums/member.php?action=profile&uid=9 '

And until now has not been hacked and someone has released a bug that wants to hurt us.

I did not bug me, bug Czech officer may explain the better you get
Reply
#9
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
These vulnerabilities do not affect 1.6.8, unless you have those plugins installed.
Reply
#10
Solved: 2 Years, 5 Months, 2 Weeks, 11 Hours, 30 Minutes, 52 Seconds ago
(06-09-2012, 04:56 AM)s3ri0s Wrote:  This is because I http://www.mihanhack.com/forums/member.php?action=profile&uid=9 '

If you look at the SQL error that spits out:
Code:
SELECT * FROM mybb_adv_ratings WHERE fuid='9'' AND uid='0'

It should be immediately obvious that mybb_adv_ratings is not a default MyBB table.

I already contacted the author of the Advanced Profile plugin via PM on MyBB source, but seeing as it's not hosted on the mods site we can't take it down. I'm also not sure if the vulnerability is in the latest version of the plugin.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)