MyBB Community Forums
Trying for an SQL Injection ? - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.6 (https://community.mybb.com/forum-138.html)
+------ Forum: 1.6 General Support (https://community.mybb.com/forum-127.html)
+------ Thread: Trying for an SQL Injection ? (/thread-140927.html)



Trying for an SQL Injection ? - bijumk - 2013-06-13

I found a user in my forum with a username 1'or'1'='1. Think he is trying for a sql injection. Hope we are protected against these people...


RE: Trying for an SQL Injection ? - Conor C. - 2013-06-13

Hello,

There are no known major exploits within MyBB. We would not release a version of MyBB if it had security vulnerabilities; and if one is found that's seen as critical, we aim to patch it within 24 hours.

The SQA team are given the role of bug testing and trying to manipulate the code to exploit it before a release is made. Developers also try the same.

The software does get tested for these types of things.

Thanks.


RE: Trying for an SQL Injection ? - bijumk - 2013-06-14

Hi Conor

Thank you very much for your reply... and for keeping us safe from those prying people

I know mere words of appreciation are not enough ... so a donation follows

love u guys...

Biju

Some problem with your paypal account ?

Getting an error message....

"This recipient is currently unable to receive money."

Please have a look and I will come back soon...


RE: Trying for an SQL Injection ? - Euan T - 2013-06-14

I'm afraid we've been having issues with PayPal for awhile now that we've been unable to resolve. Thanks for your attempt at donating though.