Possible SQL injection attempt?
#1
Someone registered a used as: '.system(getenv(HTTP_J)).' which I'm pretty sure was an attempt at a SQL injection, though, I have know clue what it would do that would help them. It seems rather pointless to me.

See for yourself:
http://www.quate.net/board/member.php?ac...ile&uid=12

I'm running MyBB 1.1, and am about to upgrade to the latest.
#2
http://community.mybboard.net/showthread.php?tid=9677

Also, see the announcement for the 1.1.3 release.
Dennis Tsang
Former MyBB Team Member
Web: http://dennistt.net


Forum Jump:


Users browsing this thread: 1 Guest(s)