MyBB Community Forums

Full Version: Is $page in forumdisplay.php vulnerable?
Hi, I'm just curious.

In forumdisplay.php:

$page = $mybb->input['page'];
$start = ($page-1) * $perpage;
  .
  .
  .
$query = $db->query("
   .
   .
  LIMIT $start, $perpage
 ");


I think it can cause security problems by connecting to the DB.

I think "$mybb->get_input('page', MyBB::INPUT_INT);" is better.

Am I thinking wrong?

Take note of the two variables you're talking about. The variable $page is never called in a query in forumdisplay.php. It's $perpage which gets called, which are two completely different variables. Even though not necessarily needed, yes, the latter would be better.

Note that if you think there's a vulnerability in the software, post it in Private Inquiries first. If it was a real vulnerability you would have just released it to the whole world.

$query = $db->query("
  LIMIT $start, $perpage
 ");

but $start does.
and $start is "($page-1) * $perpage;"
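
An added example, not part of the thread and not MyBB's code: the thread's concern is that `$start` is computed from the request-supplied `$page` and then placed in `LIMIT`, so this PHP function validates and clamps the page number before the arithmetic, which goes one step beyond the integer cast proposed above. The function name `page_to_offset`, the page-size cap of 100 and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not MyBB code): turn an untrusted "page" request
 * value into a LIMIT offset that is always a non-negative integer.
 */
function page_to_offset($rawPage, int $perPage, int $totalRows): array
{
    // Clamp the page size so the later multiplication stays a small integer.
    // The cap of 100 is an assumed value for this example.
    $perPage = max(1, min($perPage, 100));

    // Accept only a whole number >= 1. Arrays (page[]=1), trailing text
    // ("5 OR 1=1"), zero, negatives and out-of-range integers are rejected.
    $page = is_scalar($rawPage)
        ? filter_var($rawPage, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])
        : false;
    if ($page === false) {
        $page = 1; // fall back to the first page instead of failing the request
    }

    // Never page past the last row, so the offset is bounded by the data set.
    $lastPage = max(1, (int) ceil($totalRows / $perPage));
    $page = min($page, $lastPage);

    return [
        'page'    => $page,
        'start'   => ($page - 1) * $perPage,
        'perpage' => $perPage,
    ];
}

// Constructed sample inputs, as they might arrive in a query string.
$samples = ['3', '0', '-2', '5 OR 1=1', 'abc', '99999999999999999999', ['1']];

foreach ($samples as $raw) {
    $p = page_to_offset($raw, 20, 250);
    // %d formatting keeps both values integers when they reach the SQL text.
    printf("%-26s => LIMIT %d, %d\n", json_encode($raw), $p['start'], $p['perpage']);
}
```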