[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] FluxBB <= 1.5.6 SQL Injection
From: secthrowaway () Safe-mail ! net
Date: 2014-11-22 5:12:25
Message-ID: N1-85lJmibNUt () Safe-mail ! net
[Download RAW message or body]
Anti-spam is awesome, but not in attachments. Replace all occurrences of ' () ' with '@' for the exploit to work.
-------- Original Message --------
From: secthrowaway@Safe-mail.net
To: fulldisclosure@seclists.org
Subject: [FD] FluxBB <= 1.5.6 SQL Injection
Date: Fri, 21 Nov 2014 02:23:30 -0500
> FluxBB version 1.5.6 and below suffers from a SQL injection vulnerability.
>
> Solution: update to FluxBB 1.5.7
>
> Working, automated PoC is attached.
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic