Potential Exploit
So it is likely that the malcious user was running arbitrary code? Are there specific things I should be looking for now? (ie. known things that this person has run on other boards? inserted sql queries? etc)
The arbitrary code is in the username, so whatever is in the username would have been executed.
Dennis Tsang
Former MyBB Team Member
Web: http://dennistt.net

Forum Jump:

Users browsing this thread: 1 Guest(s)