MyBB 1.0.2 SQL injection in usercp.php

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MyBB 1.0.2 SQL injection in usercp.php
From: addmimistrator@xxxxxxxxx
Date: 14 Jan 2006 19:14:46 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

this is a bug report for MyBB 1.0.2(latest version) 
bug found by imei
there is a security bug in usercp.php line 830 that Allows SQL Injection and 
can result to full access to admin cp.
bug is in result of poor checking of $mybb->input['threadmode'] value against 
all other values in usercp.php file line:830 ====>
"threadmode" => $mybb->input['threadmode'],
bug reported to vendors some days ago
bests.
imei

Prev by Date: [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
Next by Date: WMF vulnerability was a deliberate backdoor?
Previous by thread: [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
Next by thread: Re: MyBB 1.0.2 SQL injection in usercp.php
Index(es):
- Date
- Thread