Several vulnerabilities have been identified in MyBB, a free engine for building web forums, which in combination allow PHP code to be executed on the server. The issues are present in releases 1.8.16 through 1.8.25 and are fixed in the MyBB 1.8.26 update.
The first vulnerability (CVE-2021-27889) allows an unprivileged forum member to inject JavaScript code into posts, discussions and private messages. The forum lets users add images, lists and multimedia data through special tags that are converted into HTML markup. Because of a bug in the code that converts such tags, the nested-URL construct [img]http://xyzsomething.com/image?)http://x.com/onerror=alert(1);//[/img ] is converted into V
The second vulnerability (CVE-2021-27890) makes SQL injection possible and, through it, execution of the attacker's code. The problem arises because $theme['templateset'] is substituted into the body of an SQL query without proper sanitization, and because ${...} constructs are then executed through an eval call. For example, the PHP command passthru('ls') can be executed when a theme is processed with a construct such as: ') AND 1=0 UNION SELECT title, '${passthru(\'ls\')}' from mybb_templates --
Exploiting the second vulnerability requires a session with forum administrator rights. To get a request sent with administrator rights, an attacker can use the first vulnerability and send the administrator a private message containing JavaScript code which, when the message is viewed, exploits the second vulnerability.
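
The SQL half of CVE-2021-27890, shown as an added example that is not MyBB's code and not part of the original article: a Python/sqlite3 sketch of a theme property concatenated into a template query, next to a hardened form. The table layout, query shape and function names are assumptions, and a harmless marker string stands in for the PHP payload.

```python
import sqlite3

# Constructed injection value in the shape quoted above; the marker replaces the PHP payload.
INJECTED = "') AND 1=0 UNION SELECT title, 'ATTACKER-CONTROLLED' FROM templates --"

def make_db():
    # Constructed stand-in for the forum's template table (not MyBB's real schema).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE templates (title TEXT, template TEXT, sid INTEGER)")
    db.executemany("INSERT INTO templates VALUES (?, ?, ?)", [
        ("header", "<div>global header</div>", -2),
        ("header", "<div>custom header</div>", 3),
        ("footer", "<div>footer</div>", -2),
    ])
    return db

def load_templates_vulnerable(db, theme, title):
    # Weak pattern: the theme property is pasted into the SQL text, so a quote
    # inside it closes the literal and the rest is parsed as SQL.
    sql = ("SELECT title, template FROM templates WHERE title = ? "
           "AND sid IN ('-2','-1','" + theme["templateset"] + "')")
    return db.execute(sql, (title,)).fetchall()

def load_templates_hardened(db, theme, title):
    # A template set id is a number: reject anything else before building SQL,
    # then bind it as a parameter so it can never alter the query structure.
    raw = str(theme.get("templateset", ""))
    if not (raw.isascii() and raw.isdigit()):
        raise ValueError("templateset must be a non-negative integer")
    return db.execute(
        "SELECT title, template FROM templates WHERE title = ? AND sid IN (-2, -1, ?)",
        (title, int(raw)),
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("benign     :", load_templates_vulnerable(db, {"templateset": "3"}, "header"))
    # Every returned template body is now attacker-chosen text; on the forum that
    # body is what later reaches eval, which is why the SQL flaw leads to PHP execution.
    print("injected   :", load_templates_vulnerable(db, {"templateset": INJECTED}, "header"))
    try:
        load_templates_hardened(db, {"templateset": INJECTED}, "header")
    except ValueError as exc:
        print("hardened   :", exc)
```
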
Source: opennet.ru
