CardingMafia Admin
05-07-2013, 01:40 AM
MyBB <1.6.9 is vulnerable to Stored, Error based, SQL Injection.
Vulnerable code:
/editpost.php
===
Line 398
===
$posthash_query = "posthash='{$posthash}' OR ";
===
It can be done by using Tamper Data(Or Live HTTP Headers), and when
submitting a post, edit the 'posthash' POST parameter to your payload,
submitting, then going to edit your post.
pictures here
http://imgur.com/a/JxfEI
Vulnerable code:
/editpost.php
===
Line 398
===
$posthash_query = "posthash='{$posthash}' OR ";
===
It can be done by using Tamper Data(Or Live HTTP Headers), and when
submitting a post, edit the 'posthash' POST parameter to your payload,
submitting, then going to edit your post.
pictures here
http://imgur.com/a/JxfEI