MyBB 1.8.17 – Cross-Site Scripting

Exploit Database
102 阅读

作者： 0xB9

日期： 2018-09-12
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/45393/

# Exploit Title: MyBB 1.8.17 - Cross-Site Scripting
# Date: 2018-08-11
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://mybb.com/download/
# Version: 1.8.17
# Tested on: Ubuntu 18.04
# CVE: CVE-2018-15596

# 1. Description:
# On the forum RSS Syndication page you can generate a URL for example... 
# http://localhost/syndication.php?fid=&type=atom1.0&limit=15, the thread titles on 
# those generated links aren't sanitized. 
 
# 2. Proof of Concept:

- Make or find a thread of yours on the RSS feed
- Use this payload as the thread title<a href="https://google.com">Cool Thread Title</a>
- View RSS feed with your thread again but with the generated URL and click on your thread
- When the thread is clicked you will be redirected to google.com

last Exploits
MyBB 1.8.17 – Cross-Site Scripting的更多信息

Joomla! Component Address Book – Blind SQL Injection：
reos 2.0.5 – Multiple Vulnerabilities：
Control Web Panel 7 (CWP7) v0.9.8.1147 – Remote Code Execution (RCE)：
Drupal 6.15 – Multiple Persistent Cross-Site Scripting Vulnerabilities：
DynPG CMS 4.1.0 – Multiple Vulnerabilities：
Drupal Module Drag & Drop Gallery 6.x-1.5 – ‘upload.php’ Arbitrary File Upload：
GoAutoDial CE 2.0 – Arbitrary File Upload：
WordPress Plugin BackWPUp 2.1.4 – Code Execution：