MyBB Extended Useradmininfo Plugin 1.2.1 – Cross-Site Scripting

  • Author: Fikri Fadzil
    Date: 2014-02-09
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/31525/
  • # Exploit Title: Extended Useradmininfo MyBB Plugin 1.2.1 - Cross Site Scripting
    # Google Dork: N/A
    # Date: 09.02.2014
    # Exploit Author: Fikri Fadzil - fikri.fadzil@impact-alliance.org
    # Vendor Homepage: http://forum.mybboard.de/user-9022.html
    # Software Link: http://mods.mybb.com/view/extended-useradmininfo
    # Version: 1.2.1
    # Tested on: PHP
    
    Description:
    This plugin shows advanced information about a user, such as last IP, User
    Agent, Browser and Operating System. The information is shown in the
    user profile and is visible only to people who are able to see the
    admin options on user profiles.
    
    Proof of Concept
    1. Create a user account.
    2. Change your user-agent to "Mozilla<script>alert(1)</script>".
    3. Login and then... logout.
    
    * The script will be executed whenever an administrator views your profile.
    
    
    Solution:
    Replace the content of "inc/plugins/extendeduseradmininfos.php" with this
    fix:
    http://pastebin.com/ncQCvwdq
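
The root cause is that a header value chosen by the client (the User-Agent) is stored and later written into the admin-only profile view without HTML encoding. The PHP below is an added illustration written for this page, not the plugin's code or the linked patch; the function names and the sample value are constructed, and it shows the unsafe concatenation next to the encoded form using PHP's own htmlspecialchars().

```php
<?php
// Added illustration (not the plugin's code). Function names are hypothetical.

// Constructed sample: a User-Agent value as the plugin would have stored it.
$storedUserAgent = 'Mozilla<script>alert(1)</script>';

// Vulnerable pattern: the raw database value is concatenated into the
// profile HTML, so any markup in it is rendered by the admin's browser.
function render_useragent_unsafe(string $ua): string
{
    return '<tr><td>User Agent</td><td>' . $ua . '</td></tr>';
}

// Hardened pattern: encode HTML metacharacters at output time so the
// browser displays the literal text. ENT_QUOTES also covers attribute
// contexts; ENT_SUBSTITUTE keeps invalid UTF-8 from yielding an empty string.
function render_useragent_safe(string $ua): string
{
    $escaped = htmlspecialchars($ua, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<tr><td>User Agent</td><td>' . $escaped . '</td></tr>';
}

// Self-check: the encoded output must contain no live <script> tag.
$unsafe = render_useragent_unsafe($storedUserAgent);
$safe   = render_useragent_safe($storedUserAgent);

if (strpos($unsafe, '<script>') === false) {
    throw new RuntimeException('unsafe renderer did not reproduce the bug');
}
if (strpos($safe, '<script>') !== false || strpos($safe, '&lt;script&gt;') === false) {
    throw new RuntimeException('safe renderer failed to encode the value');
}

echo $safe, PHP_EOL;
```

Inside an actual MyBB plugin the core helper htmlspecialchars_uni() serves the same purpose as the htmlspecialchars() call above; the point is that encoding happens at the template boundary, for every field the plugin stores from request headers, not only User-Agent.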