MyBB Security Tutorial and Guidelines

17-02-2015, 09:29 PM

Kewl Wrote: For the 1.6 users out there, here is something you can patch (if you wanna :rly;

Vuln: /search.php?action=results&sid[0]=9afaea732cb32f06fa34b1888bd237e2&sortby=&order=

Error:

Code:

Warning [2] mysqli_real_escape_string() expects parameter 2 to be string,
array given - Line: 874 - File: inc/db_mysqli.php PHP 5.4.19

-1~dotdeb.1 (Linux)

Edit search.php

And find the code

PHP Code:

$sid = $db->escape_string($mybb->input['sid']); 


Replace it with

PHP Code:

if(is_array($mybb->input['sid']))
  $sid = $db->escape_string(implode($mybb->input['sid']));
  else
  $sid = $db->escape_string($mybb->input['sid']); 


Now save it.

Source: http://packetstormsecurity.com/files/125...ction.html

This is fixed already in the newer versions (1.6.3+), right?
http://blog.mybb.com/2011/04/17/mybb-1-6...ty-update/