MyBB Thank You/Like Plugin 3.0.0 – Cross-Site Scripting

Exploit Database
88 阅读

作者： 0xB9

日期： 2018-08-10
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/45178/

# Exploit Title: MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting
# Date: 8/1/2018
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://community.mybb.com/mods.php?action=view&pid=360
# Version: 3.0.0
# Tested on: Ubuntu 18.04
# CVE: CVE-2018-14888


1. Description:
This plugin allows users to thank/like other users threads/posts. In user profiles it shows your most liked post/thread, the post/thread subjects aren't sanitized to user input.
 

2. Proof of Concept:

- Use the following as the post/thread subject<script>alert('XSS')</script>
- Get that post/thread liked by another user (or you)
- Visit your profile to see alert.


3. Solution:
Update to v3.1.0

last Exploits
MyBB Thank You/Like Plugin 3.0.0 – Cross-Site Scripting的更多信息

WordPress Plugin IWantOneButton 3.0.1 – Multiple Vulnerabilities：
Aero CMS v0.0.1 – SQL Injection (no auth)：
Site2Ntite Vacation Rental (VRBO) Listings – SQL Injection：
2DayBiz ybiz Freelance Script – SQL Injection：
Joomla! Component com_mtree 2.1.5 – Arbitrary File Upload：
Lunar CMS 3.3 – Remote Command Execution：
Joomla! Component com_dcnews – Local File Inclusion：
Patient Appointment Scheduler System 1.0 – Unauthenticated File Upload：