3 matches found
CVE-2014-9254
Mode C The CVE affects MiniBB 3.1 prior to 2014-11-27. The vulnerability is a SQL injection in the bb_func_unsub.php code path exposed through the unsubscribe action, caused by an unanchored regular expression in preg_match that inaccurately validates the code parameter. This allows remote attack...
miniBB 3.1 Blind SQL Injection
Exploit Title: miniBB 3.1 Blind SQL Injection Date: 23-11-2014 Software Link: http://www.minibb.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ CVE: CVE-2014-9254 Category: webapps 1. Description pregmatch only check if $GET'code'...
MiniBB 3.1 - Blind SQL Injection
MiniBB 3.1 - Blind SQL Injection Exploit Title: miniBB 3.1 Blind SQL Injection Date: 23-11-2014 Software Link: http://www.minibb.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ CVE: CVE-2014-9254 Category: webapps 1. Description...