Mario_Vs - Security Researcher - Exploit Intelligence Platform

CVE-2011-5277 EXPLOITDB text WORKING POC

Advanced Forum Signatures 2.0.4 - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsignatures) plugin 2.0.4 for MyBB allow remote attackers to execute arbitrary SQL commands via the (1) afs_type, (2) afs_background, (3) afs_showonline, (4) afs_bar_left, (5) afs_bar_center, (6) afs_full_line1, (7) afs_full_line2, (8) afs_full_line3, (9) afs_full_line4, (10) afs_full_line5, or (11) afs_full_line6 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

View Code

CVE-2011-5278 EXPLOITDB text WORKING POC

Advanced Forum Signatures 2.0.4 - SQL Injection via afs_bar_right Parameter

SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) 2.0.4 for MyBB allows remote attackers to execute arbitrary SQL commands via the afs_bar_right parameter.

View Code

CVE-2011-4569 EXPLOITDB text WORKING POC

Userbar plugin 2.2 for MyBB Forum - SQL Injection via image2 Parameter

SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter.

View Code

EIP-2026-109724 EXPLOITDB text WRITEUP

MyBB MyStatus 3.1 - SQL Injection

View Code