bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/23382.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

22 lines
No EOL
757 B
Text
Raw Blame History

# Exploit Title: Social Sites MyBB Plugin 0.2.2 Cross Site Scripting
# Google Dork: inurl:usercp.php?action=socialsites
# Date: 13.12.2012
# Exploit Author: s3m00t
# Vendor Homepage: http://mattrogowski.co.uk/mybb/
# Software Link: http://mods.mybb.com/view/social-sites
# Version: 0.2.2
# Tested on: PHP
Reason:
Lack of input validation at several places.
Proof of Concept:
1. Navigate to "usercp.php?action=socialsites" and you will see a number of
fields as http://i.imgur.com/0tz98.png.
2. Submit below input into any of the field:
" /><script>alert(1)</script><img src="
3. The input will be stored as shown at http://i.imgur.com/Z8bYM.png
Solution:
Replace the content of "inc/plugins/socialsites.php" with this script:
http://pastebin.com/5JLdg4gh
Reference in a new issue View git blame Copy permalink