Bugtraq: Re: MyBB 1.0.2 SQL injection in usercp.php

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: MyBB 1.0.2 SQL injection in usercp.php

From: o.y.6 () hotmail com
Date: 15 Jan 2006 16:28:39 -0000

Hiz .. look at phpMyAdmin or you database

threadmode << After >> usergroup .. then you can't edit usergroup to get super acsses to any user you wn't

UPDATE Query :- 

','','','')/* Only You CAn Edit

showsigs         showavatars     showquickreply         ppp      tpp     daysprune       dateformat      timeformat     
 timezone        dst     buddylist  ignorelist           style           away    awaydate  returndate    awayreason     
 pmfolders       notepad         rating          referrer        reputation      regip           language        
timeonline      showcodebuttons

//* Do You Have Any Idea For That ? *//

By Date By Thread

Current thread:

MyBB 1.0.2 SQL injection in usercp.php addmimistrator (Jan 14)
- <Possible follow-ups>
- Re: MyBB 1.0.2 SQL injection in usercp.php o . y . 6 (Jan 16)