CVE-2008-0383
CVE-2008-0383
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/31034no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://community.mybboard.net/showthread.php?tid=27227http://secunia.com/advisories/28509http://securityreason.com/securityalert/3558https://exchange.xforce.ibmcloud.com/vulnerabilities/39728https://exchange.xforce.ibmcloud.com/vulnerabilities/39729http://www.securityfocus.com/archive/1/486433/100/0/threadedhttp://www.securityfocus.com/bid/27323http://www.waraxe.us/advisory-62.html