b42759b8b8
15 changes to exploits/shellcodes jiNa OCR Image to Text 1.0 - Denial of Service (PoC) PixGPS 1.1.8 - Denial of Service (PoC) RoboImport 1.2.0.72 - Denial of Service (PoC) PicaJet FX 2.6.5 - Denial of Service (PoC) iCash 7.6.5 - Denial of Service (PoC) PDF Explorer 1.5.66.2 - Denial of Service (PoC) Infiltrator Network Security Scanner 4.6 - Denial of Service (PoC) Apple macOS 10.13.4 - Denial of Service (PoC) CirCarLife SCADA 4.3.0 - Credential Disclosure Rubedo CMS 3.4.0 - Directory Traversal SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting (XSS) SynaMan 4.0 build 1488 - SMTP Credential Disclosure IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection MyBB 1.8.17 - Cross-Site Scripting LG Smart IP Camera 1508190 - Backup File Download
21 lines
No EOL
799 B
Text
21 lines
No EOL
799 B
Text
# Exploit Title: MyBB 1.8.17 - Cross-Site Scripting
|
|
# Date: 2018-08-11
|
|
# Author: 0xB9
|
|
# Twitter: @0xB9Sec
|
|
# Contact: 0xB9[at]pm.me
|
|
# Software Link: https://mybb.com/download/
|
|
# Version: 1.8.17
|
|
# Tested on: Ubuntu 18.04
|
|
# CVE: CVE-2018-15596
|
|
|
|
# 1. Description:
|
|
# On the forum RSS Syndication page you can generate a URL for example...
|
|
# http://localhost/syndication.php?fid=&type=atom1.0&limit=15, the thread titles on
|
|
# those generated links aren't sanitized.
|
|
|
|
# 2. Proof of Concept:
|
|
|
|
- Make or find a thread of yours on the RSS feed
|
|
- Use this payload as the thread title <a href="//google.com">Cool Thread Title</a>
|
|
- View RSS feed with your thread again but with the generated URL and click on your thread
|
|
- When the thread is clicked you will be redirected to google.com |