ad4b4f15f3
11 changes to exploits/shellcodes Linux Kernel < 4.16.11 - 'ext4_read_inline_data()' Memory Corruption Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit) Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit) Clone2GO Video converter 2.8.2 - Buffer Overflow 10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) 10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow (SEH) 10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH) WebKitGTK+ < 2.21.3 - Crash (PoC) WebKit - not_number defineProperties UAF (Metasploit) EMS Master Calendar < 8.0.0.20180520 - Reflected Cross-Site Scripting EMS Master Calendar < 8.0.0.20180520 - Cross-Site Scripting MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Pagekit < 1.0.13 - Cross-Site Scripting Code Generator Brother HL Series Printers 1.15 - Cross-Site Scripting Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)
25 lines
No EOL
662 B
Text
25 lines
No EOL
662 B
Text
# Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting
|
|
# Date: 6/2/2018
|
|
# Author: 0xB9
|
|
# Twitter: @0xB9Sec
|
|
# Contact: 0xB9[at]pm.me
|
|
# Software Link: https://community.mybb.com/mods.php?action=view&pid=842
|
|
# Version: 1.0
|
|
# Tested on: Ubuntu 18.04
|
|
# CVE: CVE-2018-11715
|
|
|
|
|
|
1. Description:
|
|
Creates a page that shows threads that the user has posted in when they have unread replies.
|
|
|
|
|
|
|
|
2. Proof of Concept:
|
|
|
|
- Create or reply to a thread with the following subject <script>alert('XSS')</script>
|
|
- When someone replies to the thread you will see the alert here /misc.php?action=myrecentthreads
|
|
|
|
|
|
|
|
3. Solution:
|
|
Update to 1.1 |