MyBB Recent Threads On Index 17.0 Cross Site Scripting

MyBB Recent Threads On Index 17.0 Cross Site Scripting: Posted Apr 9, 2018; Authored by Perileos; MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 7f5bcd5124a0662b2bb26f4c57c2a8c8520f51a4ccc24e3ab6702ae8d5f63d02; Download | Favorite | View

MyBB Recent Threads On Index 17.0 Cross Site Scripting

# Exploit Title: MyBB Recent threads
# Date: 4th April 2018
# Exploit Author: Perileos
# Software Link: https://community.mybb.com/mods.php?action=view&pid=191
# Version: 17.0
# Tested on: Windows 10
 
1. Description:
This plugin shows recent threads in the side bar on your MyBB forum.
 
2. Proof of concept:
 
Persistent XSS
- Create a thread with the following subject <p
"""><SCRIPT>alert("XSS")</SCRIPT>">
- Navigate to the index to see a board wide persistent XSS alert.

Top Authors In Last 30 Days

Red Hat 234 files
indoushka 93 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

MyBB Recent Threads On Index 17.0 Cross Site Scripting

MyBB Recent Threads On Index 17.0 Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

MyBB Recent Threads On Index 17.0 Cross Site Scripting

Share This

MyBB Recent Threads On Index 17.0 Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems