MyBB MyStatus 3.1 SQL Injection Vulnerability

2011-10-11T00:00:00
ID 1337DAY-ID-16996
Type zdt
Reporter Mario_Vs
Modified 2011-10-11T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ---------------------------------------------------------------------
Exploit Title : MyBB MyStatus 3.1
---------------------------------------------------------------------
 
Author      : Mario_Vs
Date        : 10/10/2011
Site        : http://mariovs.pl/
@       : mario_vs[at]o2.pl
---------------------------------------------------------------------
 
Description >
 
Vendor      : http://mods.mybb.com/download/mystatus
Tested On   : Windows 7
---------------------------------------------------------------------
 
SQL Injection
 
http://localhost/mybb/process-mystatus.php?action=delete&statid=[SQLi]
---------------------------------------------------------------------
 
---------------------------------------------------------------------
 
Greets To: linc0ln.dll, j4ck, lDoran, ElusiveN, d3dik, thc_flow, PricK, artii2
 
All users: HackinQ.pl



#  0day.today [2018-01-08]  #