'announcements.php' Sql Injection Vulnerabilitiy
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir/forum
#
# Software Link : http://www.mybb.com/
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork
On 22 June 2012 07:58, Henri Salo he...@nerv.fi wrote:
#
#
# Expl0iTs :
#
# [TarGeT]/Patch/announcements.php?aid=1[Sql]
#
#
This is an invalid report. No such vulnerability exists within MyBB 1.6.8.
-Nathan Malcolm,
MyBB group
.
#
#
# Exploit Title : Mybb 1.6.8 'announcements.php' Sql Injection
Vulnerabilitiy
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir/forum
#
# Software
1.6.8 'announcements.php' Sql Injection Vulnerabilitiy
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir/forum
#
# Software Link : http://www.mybb.com/
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
a bug in Mybb 1.6.8 'announcements.php' that allows to us to occur a Sql
Injection on a Remote machin.
#
#
# Exploit Title : Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy
#
# Author