MyBB Ajaxfs v2 Plugin - SQL Injection Vulnerability [Anonymoused]

2013-11-20 12:05:02

#********************************************************************************
# Exploit Title : Mybb Ajaxfs Plugin Sql Injection vulnerability
#
# Exploit Author : Ashiyane Digital Security Team
#
# Vendor Homepage : http://mybb.com
#
# Software Link : http://mods.mybb.com/download/ajax-forum-stat-v-2
#
# Google Dork : inurl:ajaxfs.php?tooltip=
#
# Date: 2013/11/19
#
# Tested on: Windows 7 , Linux
#
# Discovered by : ACC3SS
-------------------------------------------------------------------
# Exploit : Sql Injection
#
# Location : [Target]/ajaxfs.php?tooltip=[Sql Injection]
#
#################################################################################

Fixes

No fixes

In order to submit a new fix you need to be registered.