Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Search.php bug & how to fix it.
#1
So i have noticed that if you go to /search.php?action=results&sid[0]=9afaea732cb32f06fa34b1888bd237e2&sortby=&order=
on any site then you get an error. You can try this on your own forums or on this forum.

How To patch :

edit search.php and find this line :


$sid = $db->escape_string($mybb->input['sid']);


change this line to :


if(is_array($mybb->input['sid']))
$sid = $db->escape_string(implode($mybb->input['sid']));
else
$sid = $db->escape_string($mybb->input['sid']);
#2
We're aware of this but as there are many more places where this occurs we won't fix this in 1.6 - but it's already fixed in 1.8
Support PMs will be ignored!
#3
(2014-05-19, 07:16 PM)King Louis Wrote: We're aware of this but as there are many more places where this occurs we won't fix this in 1.6 - but it's already fixed in 1.8

Ah, sorry for posting then :p
#4
no ok... security fix 4 august 2014... no fix

And:
http://community.mybb.com/search.php?action=results&sid[0]=9afaea732cb32f06fa34b1888bd237e2
#5
Its been fixed in 1.8 a while back, along with lots of other places where there was a potential for the same problem https://github.com/mybb/mybb/commit/93f3...e611968744
#6
(2014-08-13, 02:07 AM)Leprechaun Wrote: no ok... security fix 4 august 2014... no fix

And:
http://community.mybb.com/search.php?action=results&sid[0]=9afaea732cb32f06fa34b1888bd237e2

It's not a huge security issue. The only interesting thing it reveals is the PHP version, and there are easier ways of determining that. Even then if you are running on a vulnerable PHP version the attacker doesn't necessarily need to know it to exploit it.

If it bothers you, turn off warnings/errors in production.
No longer involved in the MyBB project.


Forum Jump:


Users browsing this thread: 1 Guest(s)