[Full-disclosure] SQL Injection in IPB <=2.1.3
Well, this would be NDSD-06-002, but n3td3v seems to have really left... All relevant details are in the message below. The SQL injection was patched within a day (http://forums.invisionpower.com/index.php?showtopic=204627); I believe the other problems still exist. -----Original Message----- From...
SQL injection exploit IPB <= 2.1.4
This exploit has only been tested on 2.1.4. Others are most likely vulnerable but have not yet been tested. Simple SQL injection in funcmsg.php on line 448. tobyid is not properly sanitized. It's passed to the class via an instance of the messenger class, which takes it from the ipb sanitized inp...