MyBB Community Forums
[Rejected] Vulnerability search.php - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Development (https://community.mybb.com/forum-161.html)
+--- Forum: MyBB 1.8 Development (https://community.mybb.com/forum-165.html)
+---- Forum: 1.8 Bugs and Issues (https://community.mybb.com/forum-157.html)
+----- Forum: Rejected (https://community.mybb.com/forum-184.html)
+----- Thread: [Rejected] Vulnerability search.php (/thread-157773.html)



Vulnerability search.php - adi19 - 2014-08-19

Common vulnerability in MyBB 1.6.14
If you entered the code in search box!
<foo> <h1> <script> alert (bar) () ; // ' " > < prompt \x41 %42 constructor onload

[Image: Untitled.jpg]


RE: Vulnerability search.php - Starpaul20 - 2014-08-19

That's not a vulnerability (it's simply an SQL error) and it's already been fixed in 1.8.


RE: Vulnerability search.php - adi19 - 2014-08-19

Ok! Thank you!