[VIM] MyBB search.php XSS: "sortordr" or "sorder" ? and vendor ACK

security curmudgeon jericho at attrition.org
Wed Feb 1 13:53:14 EST 2006

: There also appears to be an SQL-injection related fix in global.php, but 
: I'm not sure where it came from - possibly a zero-day exploit.


  As some of you saw, when these forums were attacked, there has been the 
  discovery of another serious security exploit in MyBB.

  Soon after the boards were exploited, backups of the forum were restored 
  and the discovery process began. Due to access logs being completely 
  useless (Corrupt), I took to the code and found the potential 
  vulnerability the attacker exploited.

Interesting, the MyBB admins disclosed the attacker info:

Username: dedo (They previously registered here)
Email Address: o.y.6 at hotmail.com
IP Address:

That email address corresponds with two Bugtraq posts:

  MyBB 1.2 usercp2.php [ $url ] CrossSiteScripting ( XSS )

  MyBB 1.2 Local File Incusion

So it seems these may be two of the "several other medium priority 
vulnerabilities recently discovered".

More information about the VIM mailing list