09-06-2016, 09:28 PMbingo Wrote: This too suffers from same old SQL injection + Blind Sqli vulnerability @
Input field without annotaion is possible about True, False SQL Injection. Normal Web Firewalls filter #, --, /**/, so the method is more effective in the Web Firewalls.PHP Code:case 'do_addsubscription':
if ($mybb->input['title'] == '' || $mybb->input['description'] == '' || intval($mybb->input['group']) <= 0)
{
mysubscriptions_messageredirect($lang->mysubscriptions_missing_field, 1);
}
$title = $db->escape_string($mybb->input['title']);
$description = $db->escape_string($mybb->input['description']);
People using this plugin on forum are likely to be hacked or defaced by attacker if they santize header and upload shell. Apart from Sqli.
I had previously informed plugin author about this but he seem to be lazy and never checks his mail . And i dont got time to register his kiddo forum
How would you patch that? I'd like to protect my forum and I have this plugin running. Also what problem is there in the gateway? I'd like to fix that too for my users otherwise they steal from me!