MySubscriptions 2.0.1 [Latest]

Submitted by Bitdefender, Thread ID: 21596

RE: MySubscriptions 2.0.1 [Latest]

bingo
Junior Member
09-06-2016, 09:28 PM
#2
This too suffers from the same old SQL injection + blind SQLi vulnerability @
PHP Code:
case 'do_addsubscription':
    // Reject the request when a required field is missing or the group id is not positive.
    if ($mybb->input['title'] == '' || $mybb->input['description'] == '' || intval($mybb->input['group']) <= 0)
    {
        mysubscriptions_messageredirect($lang->mysubscriptions_missing_field1);
    }

    // Escaping is applied to the string fields only.
    $title = $db->escape_string($mybb->input['title']);
    $description = $db->escape_string($mybb->input['description']);
Input field without annotation is possible about True, False SQL injection. Normal web firewalls filter #, --, /**/, so the method is more effective against web firewalls.

People using this plugin on their forum are likely to be hacked or defaced by an attacker if they sanitize the header and upload a shell. Apart from the SQLi.

I had previously informed the plugin author about this, but he seems to be lazy and never checks his mail. And I don't have time to register on his kiddo forum.
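As an added illustration, not the poster's code and not the plugin's own, here is how the `do_addsubscription` handler above would be hardened so that a numeric field cannot be used for boolean-based injection: every value that lands in an unquoted (numeric) SQL context is cast to an integer, and `escape_string()` is applied only to values that end up inside quoted string literals. It assumes MyBB 1.8's `$mybb->get_input()` with `MyBB::INPUT_INT` and `$db->insert_query()`; the table name and the `gid` column are placeholders, and the function name is hypothetical.

```php
<?php
// Added example (not the plugin's code): hardened input handling for the
// do_addsubscription action on MyBB 1.8. Table and column names are placeholders.

function mysubscriptions_do_addsubscription_hardened($mybb, $db, $lang)
{
    // $db->escape_string() only protects quoted string literals. A value that is
    // interpolated bare into SQL (a numeric column, an ORDER BY, a LIMIT) must be
    // cast, otherwise any SQL text survives escaping untouched. MyBB::INPUT_INT
    // returns (int)$mybb->input['group'], or 0 when the field is absent.
    $group = $mybb->get_input('group', MyBB::INPUT_INT);

    // String fields: default type is MyBB::INPUT_STRING; trim before the emptiness check.
    $title       = trim($mybb->get_input('title'));
    $description = trim($mybb->get_input('description'));

    // Strict comparisons, and stop processing after the redirect.
    if ($title === '' || $description === '' || $group <= 0) {
        mysubscriptions_messageredirect($lang->mysubscriptions_missing_field1);
        return false;
    }

    // Escape the quoted string values; leave the integer as an integer.
    // insert_query() builds the INSERT from this array, so no SQL is hand-built here.
    $row = array(
        'title'       => $db->escape_string($title),
        'description' => $db->escape_string($description),
        'gid'         => $group,      // placeholder column name
        'dateline'    => TIME_NOW,    // MyBB request timestamp constant
    );

    return $db->insert_query('mysubscriptions', $row); // placeholder table name
}
```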