English | Vietnamese
 

banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register   [Login] Loginhttp  | https  ]
 
Forum Index Thông tin new bugs và exploits MyBulletinBoard Global.PHP XSS Vuln  XML
  [Question]   MyBulletinBoard Global.PHP XSS Vuln 02/09/2006 20:38:25 (+0700) | #1 | 20152
[Avatar]
 LeonHart
HVA Friend
Joined: 10/01/2003 11:11:52
Messages: 215
Location: Secret
Offline
[Profile] [PM]
Code:
Class:  	 Input Validation Error
CVE: 	
Remote: 	Yes
Local: 	No
Published: 	Aug 30 2006 12:00AM
Updated: 	Aug 30 2006 06:23PM
Credit: 	imei addmimistrator is credited with the discovery of this vulnerability.

Vulnerable: 	
MyBulletinBoard MyBulletinBoard 1.1.7
MyBulletinBoard MyBulletinBoard 1.1.6
MyBulletinBoard MyBulletinBoard 1.1.5
MyBulletinBoard MyBulletinBoard 1.1.4
MyBulletinBoard MyBulletinBoard 1.1.3
MyBulletinBoard MyBulletinBoard 1.1.2
MyBulletinBoard MyBulletinBoard 1.1.1
MyBulletinBoard MyBulletinBoard 1.1
MyBulletinBoard MyBulletinBoard 1.0.4
MyBulletinBoard MyBulletinBoard 1.0.3
MyBulletinBoard MyBulletinBoard 1.0.2
MyBulletinBoard MyBulletinBoard 1.0.1
MyBulletinBoard MyBulletinBoard 1.0 PR2
MyBulletinBoard MyBulletinBoard 1.0

Not Vulnerable: 	
MyBulletinBoard MyBulletinBoard 1.1.8 

This issue can be exploited through a web client.

An example URI has been provided:
 http://www.example.com/admin/index.php?_SERVER[PHP_SELF]=http://www.example.com
[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|