Jump to content
xisto Community
Sign in to follow this  
echo.defender

Attention All Ipb Users/admin Important exploit discovered

Recommended Posts

Invision Power Board v2.1.6 ? 2006 IPS, Inc.

 

 

This is what it is written on the bottom of the board.

 

Not so long ago, i was surfing somewhere, (i wont say where) and i discovered a "sql injection"exploit, a perl script.

 

28. Reload and click on the username to the admin. You are now logged in as an ADMIN!!!

Admins, pm to receive the link where i found this.

with this hack, you can log in with any user without his pass.

 

It's really easy to do, you just need PERL, Opera webbrowser and 3 minutes fo your life...

Share this post


Link to post
Share on other sites

this is why IPB has recently sent out a new update for this version of 2.1.6

http://forums.xisto.com/no_longer_exists/

is the update in which they are talkng about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.xisto.com/no_longer_exists/

it talks about uploading avatars that will cause cross site scripting...

Share this post


Link to post
Share on other sites

this is why IPB has recently sent out a new update for this version of 2.1.6
http://forums.xisto.com/no_longer_exists/

is the update in which they are talkng about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.xisto.com/no_longer_exists/

it talks about uploading avatars that will cause cross site scripting...




Yay a good administrator in a forum! thats rare! lol

Share this post


Link to post
Share on other sites

Thanks dude this would have become a serious proble for the forumers. This will alert all th forum admins here and they'll definetly update. If any one of you've been attacked with this exploit then, report it here.

Share this post


Link to post
Share on other sites

Thanks dude this would have become a serious proble for the forumers. This will alert all th forum admins here and they'll definetly update. If any one of you've been attacked with this exploit then, report it here.


i did my good action of the day lol

Share this post


Link to post
Share on other sites

Security exploits like this make me nervous. I used to run an old version of IPB (I only purchased one year or so of updates), but decided to quit using it because of all the new security vulnrabilities.Are these forums updated?

Share this post


Link to post
Share on other sites

this is why IPB has recently sent out a new update for this version of 2.1.6
http://forums.xisto.com/no_longer_exists/

is the update in which they are talkng about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.xisto.com/no_longer_exists/

it talks about uploading avatars that will cause cross site scripting...




:)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.