I was working on some mybb plugins and found some vulns in that..
So for now PRO STAT .
Vendors: http://prostats.wordpress.com
Pro stat is Well known Mybb plugin and vuln to sql injection Inside admin panel and Change viewer.
ITs not much exploitable but bcz u want admin logins but can be handy to dumping the db if u failed to shell it ;)
oka here
Goto Plugins ANd just inject num rows settings..
ITs vuln to most of the parameter inside settings.
LIke POST FIELD ps_num_rows etc.
Screen Shot
Vendors: http://prostats.wordpress.com
Pro stat is Well known Mybb plugin and vuln to sql injection Inside admin panel and Change viewer.
ITs not much exploitable but bcz u want admin logins but can be handy to dumping the db if u failed to shell it ;)
oka here
Goto Plugins ANd just inject num rows settings..
ITs vuln to most of the parameter inside settings.
LIke POST FIELD ps_num_rows etc.
Screen Shot
3 comments:
nice 1...
Great. :)
It's good that you mention it. Lucy
Post a Comment