2afed97ceb
16 changes to exploits/shellcodes libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons Google Chrome < M73 - Double-Destruction Race in StoragePartitionService Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML Microsoft VBScript - VbsErase Memory Corruption Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject Google Chrome < M73 - MidiManagerWin Use-After-Free Google Chrome < M73 - FileSystemOperationRunner Use-After-Free Advanced Host Monitor 11.92 beta - Local Buffer Overflow Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit) TheCarProject v2 - Multiple SQL Injection TheCarProject 2 - Multiple SQL Injection Gila CMS 1.9.1 - Cross-Site Scripting MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting eNdonesia Portal 8.7 - Multiple Vulnerabilities Netartmedia Event Portal 2.0 - 'Email' SQL Injection Netartmedia PHP Mall 4.1 - SQL Injection Netartmedia Real Estate Portal 5.0 - SQL Injection
26 lines
No EOL
657 B
Text
26 lines
No EOL
657 B
Text
# Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting
|
|
# Date: 3/8/2019
|
|
# Author: 0xB9
|
|
# Twitter: @0xB9Sec
|
|
# Contact: 0xB9[at]pm.me
|
|
# Software Link: https://community.mybb.com/mods.php?action=view&pid=1231
|
|
# Version: 1.32
|
|
# Tested on: Ubuntu 18.04
|
|
# CVE: CVE-2019-9650
|
|
|
|
|
|
1. Description:
|
|
This plugin shows upcoming calendar events on the forum index and portal page. Event names are vulnerable to XSS.
|
|
|
|
|
|
2. Proof of Concept:
|
|
|
|
- Go to the calander.php page and add a new event
|
|
- Input a payload for the event name <script>alert('XSS')</script>
|
|
|
|
Payload will be executed on index.php
|
|
|
|
|
|
|
|
3. Solution:
|
|
Update to 1.33 |