Computer Security
[EN] securityvulns.ru

From: ettee_(at)_itdefence.ru <ettee_(at)_itdefence.ru>
Date: 23.02.2009
Subject: MyBB (FWS Mod) reflected XSS

MyBB (FWS Mod) reflected XSS
Mod Name: Forum Warning System (http://community.mybboard.net/attachment.php?aid=6814)
Vulnerable piece of code:
//USERCP AND PM CHANGES
elseif($file == "usercp.php" || $file == "private.php")
{
 if(function_exists("imagecreatefrompng") && $mybb->user['fws_warnings'] != 0)
 {
  if($mybb->user['fws_warnings'] <= 14 && $mybb->user['fws_warnings'] > 0) $addition = " ".fws_warning_colour($mybb->user['fws_warnings']."%");
  // the warning level is written into the src, alt and title attributes as-is
  $fws_current_w_level = '<img src="fws.php?action=image&wl='.$mybb->user['fws_warnings'].'" alt="'.$mybb->user['fws_warnings'].'%" title="'.$mybb->user['fws_warnings'].'%" border="0" />'.$addition;
 }
Example: http://mybboard.it/forum/fws.php?action=image&wl=/\<sCRIPT>alert("xss")</sCRIPT>\
Google dork: inurl:fws.php / "MyBB" inurl:fws.php
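As an added defensive illustration (not code from the advisory or from the FWS mod itself), the same image tag rendered with the warning level validated as an integer and every attribute value HTML-escaped; the helper names fws_warning_level_from_input() and fws_render_warning_image() are assumed, as the mod's own fws.php is not shown on the page:

```php
<?php
// Added example, not the FWS mod's own code. Helper names are assumed.

/**
 * Accept only an integer warning level in 0..100. Anything else
 * (letters, markup, negative or out-of-range values) is rejected and
 * treated as 0, so a crafted wl= value never reaches the output.
 */
function fws_warning_level_from_input(string $raw): int
{
    // FILTER_VALIDATE_INT rejects "12abc", "<b>", "1e3" and similar strings.
    $level = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 0, 'max_range' => 100],
    ]);
    return $level === false ? 0 : $level;
}

/**
 * Build the <img> tag. The level is already an int, but each attribute
 * value still goes through htmlspecialchars() with ENT_QUOTES so the
 * output stays safe even if a caller hands in an unvalidated string.
 */
function fws_render_warning_image($level): string
{
    $level = fws_warning_level_from_input((string) $level);
    $attr  = htmlspecialchars((string) $level, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<img src="fws.php?action=image&amp;wl=' . $attr . '"'
         . ' alt="' . $attr . '%" title="' . $attr . '%" border="0" />';
}

// Constructed sample inputs: a legitimate level and a markup-bearing one.
$inputs = ['42', '12"><b>not-a-number</b>'];
foreach ($inputs as $in) {
    $html = fws_render_warning_image($in);
    // Neither a raw '<' from the input nor an unescaped quote may survive.
    $ok = strpos($html, '<b>') === false && strpos($html, '"><') === false;
    echo ($ok ? 'safe   ' : 'UNSAFE ') . $html . "\n";
}
```

The markup-bearing input fails integer validation and is rendered as level 0; escaping remains in place as a second layer should validation ever be bypassed by a future code change.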

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod