Release date:
Updated on:
Affected Systems:
MyBB Awaylist
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57040
MyBB is a free forum software package.
The id parameter handled by index.php of the MyBB Awaylist plugin is not properly filtered before being used in a database query, which allows SQL injection.
Source: Red_Hat
Link: http://sebug.net/vuldb/ssvid-60535
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use at your own risk!
http://www.example.com/index.php?action=editAwlItem&id=[SQLi]
<?php
// $mybb->input['id'] is spliced into the WHERE clause without escaping or
// casting, so a crafted id changes the structure of the query (plugin lines 245-248).
$query = $db->simple_select(                              // 245
    "awaylist", '*', "id='" . $mybb->input['id'] . "'"    // 246
);                                                        // 247
$item = $db->fetch_array($query);                         // 248
?>
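The same lookup in three forms, as an added stand-alone PHP example that is not part of the advisory, the plugin or MyBB: the vulnerable concatenation shown above, an escape_string() variant, and the integer cast that a numeric id parameter calls for. It assumes a stub $db with a "mybb_" table prefix standing in for MyBB's real database object.

```php
<?php
// Stand-alone demonstration (added; not the plugin's or MyBB's own code).
// StubDB imitates how MyBB's $db->simple_select() assembles its SQL text so the
// query can be inspected without a database; the "mybb_" prefix is an assumption.
class StubDB {
    public $table_prefix = 'mybb_';

    // Returns the SQL text instead of executing it.
    public function simple_select($table, $fields = '*', $conditions = '') {
        $sql = "SELECT {$fields} FROM {$this->table_prefix}{$table}";
        if ($conditions !== '') {
            $sql .= " WHERE {$conditions}";
        }
        return $sql;
    }

    // Real MyBB escape_string() defers to the DB driver; addslashes() stands in here.
    public function escape_string($value) {
        return addslashes($value);
    }
}

// 1. Vulnerable: the raw request value is spliced into the WHERE clause,
//    so a quote in the input terminates the string literal and alters the query.
function build_query_vulnerable(StubDB $db, array $input) {
    return $db->simple_select("awaylist", '*', "id='" . $input['id'] . "'");
}

// 2. Escaped: the general fix for free-text fields; the quote is neutralised.
function build_query_escaped(StubDB $db, array $input) {
    $id = $db->escape_string($input['id']);
    return $db->simple_select("awaylist", '*', "id='" . $id . "'");
}

// 3. Cast: the item id is an integer, so an int cast is the right fix here and
//    nothing but digits can reach the SQL (MyBB 1.8 offers
//    $mybb->get_input('id', MyBB::INPUT_INT) for the same purpose).
function build_query_fixed(StubDB $db, array $input) {
    $id = (int)$input['id'];
    return $db->simple_select("awaylist", '*', "id='" . $id . "'");
}

$db = new StubDB();
$input = array('id' => "7'");   // constructed sample: a value carrying a single quote

echo build_query_vulnerable($db, $input), PHP_EOL;
echo build_query_escaped($db, $input), PHP_EOL;
echo build_query_fixed($db, $input), PHP_EOL;
```

Run with php: the vulnerable builder leaves the stray quote inside the WHERE clause, the escaped builder turns it into id='7\'', and the cast builder reduces the same input to id='7'.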
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
* Disable the awaylist plug-in.
Vendor patch:
MyBB
----
Currently, the vendor does not provide a patch or upgrade. Users of this software are advised to monitor the vendor's homepage for the latest version:
http://mods.mybb.com/view/awaylist