Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
XSS VULNERABILITY FOUND IN MYBB
10-09-2013, 01:01 AM
Post: #1
XSS VULNERABILITY FOUND IN MYBB
Ion do take immediate actions, my big br0 ETHICALNOOB told me on fb recently that MYBB is full of XSS and he gave me this a link for prove.

I remember our dear master-land is now MYBB so i decided to share it with u br0.

Here's a vulnerable part
http://www.master-land.net/admin/modules/user/users.php
Find all posts by this user
Like Post Quote this message in a reply
10-12-2013, 03:23 PM
Post: #2
RE: XSS VULNERABILITY FOUND IN MYBB
If you have an working example (a simple alert would do) then i can take actions till then there isn't much i can do...
Find all posts by this user
Like Post Quote this message in a reply
10-17-2013, 10:00 AM
Post: #3
RE: XSS VULNERABILITY FOUND IN MYBB
I think it is on user title when u enter a xss code in user title and then goto administrator log then its get executed.

I am not sure maybe fixed in mybb 1.6.10 or 1.6.11. big grin
Find all posts by this user
Like Post Quote this message in a reply
05-09-2014, 08:19 PM
Post: #4
how to add a video from youtube
Hello!
Administrators, please tell me how to add a video from youtube to a post?

Thanks!
Find all posts by this user
Like Post Quote this message in a reply
05-10-2014, 01:23 AM
Post: #5
RE: XSS VULNERABILITY FOUND IN MYBB
hmmm sounds interresting maybe or probably big grin
Visit this user's website Find all posts by this user
Like Post Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)