Hi, I didn't update the blog for some time as I was busy with some other stuff, but from now on some cool stuff is coming soon which I found but didn't publish.
MyBB XSS: some days back I found an advisory for an XSS in search.php.
Reference: http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/
After reading the article and reviewing the code a little, I found that the same type of function was coded for searching private messages.
So I fuzzed the same input strings which were used by the author in search.php and found private.php also vulnerable to XSS.
Function privatemessage_perform_search_mysql
---- in /inc/function_search.php
called in private.php
private.php
POST parameter: keywords
Data: <script>alert(/Saadi/)</script>qor'("\2a</script>
PoC
Moreover, MyBB 1.8 alpha is also vulnerable in private.php.
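A defensive triage check for the issue described above, as an added example that is not part of the original post or MyBB's code: it flags POST requests to private.php or search.php whose keywords field contains HTML markup characters and returns the HTML-escaped form that is safe to render. The function names and the sample request tuples are constructed for illustration.

```python
import html
from urllib.parse import parse_qs

# Endpoints and parameter named in the post; everything else is assumed.
WATCHED_PATHS = ("/private.php", "/search.php")
WATCHED_PARAM = "keywords"
MARKUP_CHARS = set("<>\"'")


def inspect_request(method, path, body):
    """Return a finding dict if a search POST carries markup in keywords, else None."""
    script = path.split("?", 1)[0]  # ignore any query string
    if method.upper() != "POST" or not script.endswith(WATCHED_PATHS):
        return None
    fields = parse_qs(body, keep_blank_values=True)  # URL-decodes the values
    for value in fields.get(WATCHED_PARAM, []):
        hits = sorted(MARKUP_CHARS.intersection(value))
        if hits:
            return {
                "path": path,
                "chars": hits,
                # Safe to place in HTML text or a quoted attribute.
                "escaped": html.escape(value, quote=True),
            }
    return None


# Constructed sample requests: (method, path, urlencoded body).
SAMPLES = [
    ("POST", "/private.php", "keywords=%3Cscript%3Ealert(1)%3C%2Fscript%3E"),
    ("POST", "/private.php", "keywords=meeting+notes"),
    ("GET", "/private.php", "keywords=%3Cb%3E"),
    ("POST", "/member.php", "keywords=%3Cb%3E"),
]


def scan(samples):
    """Run inspect_request over every sample and keep only the findings."""
    return [f for f in (inspect_request(*s) for s in samples) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```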
So this is it for today ;)
#Independent Pakistani Security Researcher