[VIM] MyBB search.php XSS: "sortordr" or "sorder" ? and vendor ACK
jericho at attrition.org
Wed Feb 1 13:53:14 EST 2006
: There also appears to be an SQL-injection related fix in global.php, but
: I'm not sure where it came from - possibly a zero-day exploit.
As some of you saw, when these forums were attacked, there has been the
discovery of another serious security exploit in MyBB.
Soon after the boards were exploited, backups of the forum were restored
and the discovery process began. Due to the access logs being completely
useless (corrupt), I took to the code and found the potential
vulnerability the attacker exploited.
Interestingly, the MyBB admins disclosed the attacker info:
Username: dedo (They previously registered here)
Email Address: o.y.6 at hotmail.com
IP Address: 18.104.22.168
That email address corresponds with two Bugtraq posts:
MyBB 1.2 usercp2.php [ $url ] CrossSiteScripting ( XSS )
MyBB 1.2 Local File Inclusion
So it seems these may be two of the "several other medium priority
vulnerabilities recently discovered".