MyBB MyStatus 3.1 – SQL Injection

Exploit Database
35 阅读

作者： Mario_Vs

日期： 2011-10-12
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/17972/

---------------------------------------------------------------------
Exploit Title : MyBB MyStatus 3.1
---------------------------------------------------------------------

Author: Mario_Vs
Date: 10/10/2011
Site: http://mariovs.pl/
@	: mario_vs[at]o2.pl
---------------------------------------------------------------------

Description >

Vendor 	: http://mods.mybb.com/download/mystatus
Tested On : Windows 7
---------------------------------------------------------------------

SQL Injection

http://localhost/mybb/process-mystatus.php?action=delete&statid=[SQLi]
---------------------------------------------------------------------

---------------------------------------------------------------------

Greets To: linc0ln.dll, j4ck, lDoran, ElusiveN, d3dik, thc_flow, PricK, artii2

All users: HackinQ.pl

last Exploits
MyBB MyStatus 3.1 – SQL Injection的更多信息

WordPress Plugin MiwoFTP 1.0.5 – Arbitrary File Download (2)：
Horde Groupware Web Mail Edition 5.1.2 – Cross-Site Request Forgery (1)：
Ninja Blog 4.8 – Multiple Vulnerabilities：
NoteBurner 2.35 – Denial Of Service (DoS) (PoC)：
i-doIT 0.9.9-4 – Local File Inclusion：
Company’s Recruitment Management System 1.0 – ‘Multiple’ SQL Injection (Unauthenticated)：
PHPWCMS 1.5.4.6 – ‘preg_replace’ Multiple Vulnerabilities：
PHP Event Calendar 1.5 – Multiple Vulnerabilities：