
MySubscriptions 2.0.1 [Latest]

Submitted by Bitdefender, Thread ID: 21596

Thread Closed

RE: MySubscriptions 2.0.1 [Latest]

#5
12-06-2016, 01:34 PM
DP_PN Wrote:
09-06-2016, 09:28 PM
bingo Wrote:
This too suffers from the same old SQL injection + blind SQLi vulnerability @
PHP Code:
case 'do_addsubscription':
    if ($mybb->input['title'] == '' || $mybb->input['description'] == '' || intval($mybb->input['group']) <= 0)
    {
        mysubscriptions_messageredirect($lang->mysubscriptions_missing_field1);
    }

    $title = $db->escape_string($mybb->input['title']);
    $description = $db->escape_string($mybb->input['description']);
An input field without annotation allows true/false SQL injection. Normal web firewalls filter #, --, /**/, so this method is more effective against web firewalls.

People using this plugin on their forum are likely to be hacked or defaced by an attacker if they sanitize the header and upload a shell, apart from the SQLi.

I had previously informed the plugin author about this, but he seems to be lazy and never checks his mail. And I don't have time to register on his kiddo forum.

How would you patch that? I'd like to protect my forum, and I have this plugin running. Also, what problem is there in the gateway? I'd like to fix that too for my users; otherwise they steal from me!

You can always use the type of setup NulledBB has.
~ fdigl ~
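The patching question above is not answered in the thread, and the quoted snippet does not show the query itself, so the following is an added illustration (not the plugin's code and not a confirmed reproduction of its bug) of the general class bingo describes: an escaped value that ends up in an unquoted numeric SQL position. `escape_mock()` stands in for `$db->escape_string()` (assumption: it only escapes quote and backslash characters, which is all that matters here), and the table and column names are invented. No database connection is needed because the example only builds the SQL text.

```php
<?php
// Added example, not from the MySubscriptions plugin. Shows why escaping
// alone does not protect a value used in an unquoted (numeric) SQL context,
// and how casting to int neutralises the problem.

// Stand-in for $db->escape_string(): escapes quotes and backslashes only.
function escape_mock(string $value): string
{
    return addslashes($value);
}

// Vulnerable pattern: the escaped value is interpolated WITHOUT quotes.
// A payload containing no quote characters passes through escaping
// untouched and becomes part of the WHERE clause.
function build_query_unsafe(array $input): string
{
    $group = escape_mock($input['group']);
    return "SELECT gid FROM subscriptions WHERE gid = " . $group;
}

// Hardened pattern: numeric inputs are cast to int before use (so only a
// number can ever reach the query), and string inputs are escaped AND
// wrapped in quotes. Non-positive ids are rejected, mirroring the
// intval(...) <= 0 check in the quoted plugin code.
function build_query_safe(array $input): ?string
{
    $group = (int) $input['group'];
    if ($group <= 0) {
        return null; // caller should redirect with an error, as the plugin does
    }
    $title = "'" . escape_mock($input['title']) . "'";
    return "SELECT gid FROM subscriptions WHERE gid = {$group} AND title = {$title}";
}

// Constructed sample request: a boolean-style payload in the numeric field
// and a legitimate apostrophe in the string field.
$sample = [
    'group'       => '1 OR 1=1',
    'title'       => "O'Reilly",
    'description' => 'constructed sample',
];

// The unsafe builder emits the payload verbatim; the safe builder reduces
// the group field to the integer 1 and quotes the escaped title.
echo "unsafe: ", build_query_unsafe($sample), PHP_EOL;
echo "safe:   ", build_query_safe($sample) ?? 'rejected', PHP_EOL;
```

In a MyBB 1.8 plugin the same cast is available through `$mybb->get_input('group', MyBB::INPUT_INT)`, and string values should always be both escaped with `$db->escape_string()` and quoted in the query (or passed through `$db->insert_query()` / `$db->update_query()`, which quote them for you). The point the example makes is that escaping is only meaningful inside quotes; any value that is supposed to be a number must be typed as one before it reaches SQL.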
