[42241] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: MyBB 1.0.2 SQL injection in usercp.php

daemon@ATHENA.MIT.EDU (o.y.6@hotmail.com)
Mon Jan 16 21:19:34 2006

Date: 15 Jan 2006 16:28:39 -0000
Message-ID: <20060115162839.16524.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: o.y.6@hotmail.com
To: bugtraq@securityfocus.com

Hiz .. look at phpMyAdmin or you database

threadmode << After >> usergroup .. then you can't edit usergroup to get super acsses to any user you wn't

UPDATE Query :- 

','','','')/* Only You CAn Edit

showsigs  	 showavatars  	 showquickreply  	ppp  	 tpp  	 daysprune  	 dateformat  	 timeformat  	 timezone  	 dst  	 buddylist  ignorelist  	 style  	 away  	 awaydate  returndate  	 awayreason  	 pmfolders  	 notepad  	 rating  	 referrer  	 reputation  	 regip  	 language  	 timeonline  	 showcodebuttons

//* Do You Have Any Idea For That ? *//


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[42241] in bugtraq

Re: MyBB 1.0.2 SQL injection in usercp.php

daemon@ATHENA.MIT.EDU (o.y.6@hotmail.com)Mon Jan 16 21:19:34 2006

daemon@ATHENA.MIT.EDU (o.y.6@hotmail.com)
Mon Jan 16 21:19:34 2006