XSS and SQL Injection Thread, please check.

razgriz47 · June 09, 2006, 02:50:49 AM

Someone claim that he just found a serious enough XSS and SQL Injection for SMF 1.0.7 and RC 1.1.

http://www.indoforum.org/showthread.php?t=1369

The red box, if translated, roughly means.

Quote
So It's better to use a licensed vBul... SMF's security also has start to decrese. Recently, people has detected a serious enough XSS and SQL Inject for SMF 1.0.7 and RC 1.1 .. I think the Legend about the security of SMF is starting to decrease.

I guess he can be trusted because he has hacked many-many forum.
And he can decrypt md5 hash O___o
That's how he got everybody password....

Please check it out.

News:

XSS and SQL Injection Thread, please check.

razgriz47