12-06-2016, 01:34 PMDP_PN Wrote:09-06-2016, 09:28 PMbingo Wrote: This too suffers from same old SQL injection + Blind Sqli vulnerability @
Input field without annotaion is possible about True, False SQL Injection. Normal Web Firewalls filter #, --, /**/, so the method is more effective in the Web Firewalls.PHP Code:case 'do_addsubscription':
if ($mybb->input['title'] == '' || $mybb->input['description'] == '' || intval($mybb->input['group']) <= 0)
{
mysubscriptions_messageredirect($lang->mysubscriptions_missing_field, 1);
}
$title = $db->escape_string($mybb->input['title']);
$description = $db->escape_string($mybb->input['description']);
People using this plugin on forum are likely to be hacked or defaced by attacker if they santize header and upload shell. Apart from Sqli.
I had previously informed plugin author about this but he seem to be lazy and never checks his mail . And i dont got time to register his kiddo forum
How would you patch that? I'd like to protect my forum and I have this plugin running. Also what problem is there in the gateway? I'd like to fix that too for my users otherwise they steal from me!
You can always use the type of setup NulledBB has.