MyBB Community Forums

Full Version: MyTabs - Tabbed Forum Browsing
(2011-06-10, 10:03 PM)mindaugas355 Wrote: [ -> ]
(2011-06-08, 04:33 PM)lucasbytegenius Wrote: [ -> ]
(2011-06-05, 10:59 PM)mindaugas355 Wrote: [ -> ]This plugin doesn't work. When you click on a tab, nothing happens.
On your site or my test site?
(2011-06-08, 10:00 AM)mindaugas355 Wrote: [ -> ]Your script has a SQL injection vulnerability...
Well it's not mine, but I hope the creator comes back soon.
How do you know it has a vulnerability?

On my site, but I already removed it.
I know because I've been working many years in website security.

Send a detailed PM to the author explaining how a potential hacker could exploit his plugin.
(2011-06-11, 12:54 AM)lucasbytegenius Wrote: [ -> ]
(2011-06-10, 10:03 PM)mindaugas355 Wrote: [ -> ]
(2011-06-08, 04:33 PM)lucasbytegenius Wrote: [ -> ]
(2011-06-05, 10:59 PM)mindaugas355 Wrote: [ -> ]This plugin doesn't work. When you click on a tab, nothing happens.
On your site or my test site?
(2011-06-08, 10:00 AM)mindaugas355 Wrote: [ -> ]Your script has a SQL injection vulnerability...
Well it's not mine, but I hope the creator comes back soon.
How do you know it has a vulnerability?

On my site, but I already removed it.
I know because I've been working many years in website security.

Send a detailed PM to the author explaining how a potential hacker could exploit his plugin.

Wish I got that PM. And whenever I create queries I use $mybb->input, which is filtered every time the MyBB core is loaded, so there shouldn't be any SQL problems. This was through a nice Beta stage, I promise.
Quote: Send a detailed PM to the author explaining how a potential hacker could exploit his plugin.
An attacker can access the whole database and download it or change values.
Revenger,
fix this bug, and it would be great if you make it work normally, because when you click on a tab, nothing happens. Thanks
(2011-06-13, 10:56 AM)Revenger Wrote: [ -> ]Wish I got that PM. And whenever I create queries I use $mybb->input, which is filtered every time the MyBB core is loaded, so there shouldn't be any SQL problems. This was through a nice Beta stage, I promise.


Not true. You have to still sanitize input.

$db->escape_string()

And the flaw is easily found.

$selected_tab = $mybb->input['tab'];

Should be
$selected_tab = intval($mybb->input['tab']);

That's at least the obvious SQL Injection method.
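The following is an added example illustrating the point labrocca makes above; it is not code from the MyTabs plugin or from MyBB core. The $input array stands in for $mybb->input, and the helper names, the table name (mybb_mytabs) and the column name (tid) are hypothetical. It puts the raw line quoted from the plugin next to the intval() fix and shows why MyBB's input filtering on its own does not make a value safe to drop into SQL: the core filtering is not the same thing as escaping or casting for a query.

```php
<?php
// Added example, not MyTabs or MyBB code. $input stands in for $mybb->input;
// the function names, table name and column name are hypothetical.

// The line quoted in the thread: the request value goes into the query as-is,
// so any quote character the client sends ends up inside the SQL text.
function build_tab_query_unsafe(array $input): string
{
    $selected_tab = $input['tab'];
    return "SELECT * FROM mybb_mytabs WHERE tid='" . $selected_tab . "'";
}

// labrocca's fix: a tab id is an integer, so cast it before it reaches SQL.
// Anything non-numeric collapses to 0 and the query can only ever contain digits.
function build_tab_query_safe(array $input): string
{
    $selected_tab = intval($input['tab'] ?? 0);
    return "SELECT * FROM mybb_mytabs WHERE tid=" . $selected_tab;
}

// A check a reviewer can apply to the built statement: after "tid=" there
// must be nothing but digits. Returns true for the hardened query only.
function tab_query_is_safe(string $sql): bool
{
    return (bool) preg_match('/WHERE tid=\d+$/', $sql);
}

// Constructed request values: a normal id, a value carrying a stray quote
// character, and a request with the parameter missing entirely.
$samples = [
    ['tab' => '7'],
    ['tab' => "7'x"],
    [],
];

foreach ($samples as $input) {
    $unsafe = isset($input['tab']) ? build_tab_query_unsafe($input) : '(undefined index notice)';
    $safe   = build_tab_query_safe($input);
    printf("raw=%s\n", var_export($input['tab'] ?? null, true));
    printf("  unsafe: %s\n", $unsafe);
    printf("  safe:   %s  [%s]\n", $safe, tab_query_is_safe($safe) ? 'ok' : 'FAIL');
}
```

Run it with `php example.php`. For the value with the quote, the unsafe builder emits `WHERE tid='7'x'`, where the client-supplied quote has closed the string literal and the rest of the value is now part of the statement; the hardened builder emits `WHERE tid=7` for the same input and `WHERE tid=0` when the parameter is absent. The cast covers this id column; for a column that genuinely holds text, the thread's other advice, $db->escape_string(), is the tool, and the two are not interchangeable.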
I've been using this plugin for the past few months and it has been giving me fantastic results.

Thank you for making this plugin free of cost Revenger.
How can I make the tabs a header image like the header of the table of my forum categories?
I have a problem. After I've set it up it still shows all the categories/forums in every section...
(2011-06-17, 11:32 PM)labrocca Wrote: [ -> ]Not true. You have to still sanitize input.

$db->escape_string()

And the flaw is easily found.

$selected_tab = $mybb->input['tab'];

Should be
$selected_tab = intval($mybb->input['tab']);

That's at least the obvious SQL Injection method.

The plugin still suffers from this exploit and today it was posted on several exploit sites, along with a proof of concept that lets anyone gain administrator permissions. Anyone who uses this plugin should make the change as shown by labrocca above - or disable it. Otherwise you are bound to get hacked sooner or later...
I know I posted this 8 weeks ago. Annoying is how many PMs I get with people thinking this is my Tabbed Menu plugin with the exploit.

FYI Maybe staff should remove download until OP fixes this. It's only going to get forums hacked severely. A full delete, dump, or admin takeover are possible.
/admin/mytabs.lang.php does not exist