##########################
# mybb v1.4.8 search.php blind/query based sql injection vulns
# author: $qL_DoCt0r
# msn: sidthesloth@windowslive.com
# blog: http://full-discl0sure.blogspot.com
# moderator of: http://hackwarez.net
##########################

search.php fails to correctly sanitise user input, allowing error-based and query-based SQL injection to discreetly extract undisclosed information from the SQL database.

simple query: ' or 1=1--
blind query: ' having 1=1--

You must be registered on the forum with 2+ posts for this to work :P

solution: simply add a sanitiser for $sqlstring and the search input variable!

#GREETINGS: TheMindRapist ~ Qabandi ~ Mr.SQL ~ WEbDEvil
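
The fix the advisory asks for, shown as an added example that is not MyBB's code or the author's: a search term pasted into the SQL string beside the same search with the term passed as a bound parameter. The table, columns, function names and sample rows are hypothetical and constructed, and an in-memory SQLite database (via PDO) stands in for the forum database.

```php
<?php
// Added example: table, column and function names are hypothetical, not MyBB's.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE posts (pid INTEGER PRIMARY KEY, subject TEXT, visible INTEGER)");
$db->exec("INSERT INTO posts (subject, visible) VALUES
    ('Welcome to the forum', 1),
    ('Plugin help wanted', 1),
    ('Staff-only moderation notes', 0)");   // constructed sample rows

// Flawed pattern: the search term is pasted into the SQL text, so a quote
// in the input ends the string literal and the rest is parsed as SQL.
function search_concat(PDO $db, string $keywords): array {
    $sqlstring = "SELECT subject FROM posts
                  WHERE visible = 1 AND subject LIKE '%" . $keywords . "%'";
    return $db->query($sqlstring)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened pattern: the SQL text is constant and the term is a bound value.
// LIKE wildcards in the term are escaped so they match literally.
function search_bound(PDO $db, string $keywords): array {
    $term = '%' . strtr($keywords, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']) . '%';
    $stmt = $db->prepare("SELECT subject FROM posts
                          WHERE visible = 1 AND subject LIKE :term ESCAPE '\\'");
    $stmt->execute([':term' => $term]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Inputs: one ordinary term plus the two strings quoted in the advisory.
foreach (["help", "' or 1=1--", "' having 1=1--"] as $input) {
    try {
        $concat = json_encode(search_concat($db, $input));
    } catch (PDOException $e) {
        // The input reached the SQL parser and was rejected as malformed SQL.
        $concat = 'SQL error: ' . $e->getMessage();
    }
    printf("%-16s concat: %s\n%-16s bound:  %s\n",
        $input, $concat, '', json_encode(search_bound($db, $input)));
}
```

With the concatenated query, the advisory's strings either change which rows come back (including the row marked not visible) or surface a database error; with the bound query they are searched for as literal text and match nothing.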