Potential Exploit
#1
I run a MyBB forum and I just saw today that there is a registered user by the name of

'.system(getenv(HTTP_J)).'

I'm wondering a few things.

Is there a known exploit involving this?
I was running 1.1.2 at the time. Just up'd to 1.1.3. Because I was running the old version, was the exploit successful? I can't tell if anything is wrong.
Has this been fixed?


Messages In This Thread
Potential Exploit - by UtopiaSoft - 2006-06-14, 03:05 AM
RE: Potential Exploit - by vikramdhani - 2006-06-14, 03:08 AM
RE: Potential Exploit - by nekng - 2006-06-14, 03:09 AM
RE: Potential Exploit - by UtopiaSoft - 2006-06-14, 03:12 AM
RE: Potential Exploit - by Dennis Tsang - 2006-06-14, 04:35 AM
RE: Potential Exploit - by - 2006-06-14, 04:36 AM
RE: Potential Exploit - by Dennis Tsang - 2006-06-14, 04:41 AM
RE: Potential Exploit - by - 2006-06-14, 04:47 AM
RE: Potential Exploit - by Dennis Tsang - 2006-06-14, 04:56 AM
RE: Potential Exploit - by - 2006-06-14, 05:27 AM
RE: Potential Exploit - by UtopiaSoft - 2006-06-14, 05:57 AM
RE: Potential Exploit - by Dennis Tsang - 2006-06-14, 06:51 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)