lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060407082100.26549.qmail@securityfocus.com> Date: 7 Apr 2006 08:21:00 -0000 From: addmimistrator@...il.com To: bugtraq@...urityfocus.com Subject: [KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack ORIGINAL ADVISORY: http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html http://kapda.ir/advisory-305.html ---------- ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.1.0 Class: Remote Status: Unpatched Exploit: Private Solution: Not Available Discovered by: imei addmimistrator Risk Level: medume —————–Description————— There is a security bug in MyBB 1.1.0 software (latest version fully patched) that allows attacker performe a XSS cross site scripting attack. VISIT ORIGINALS TO MORE DETAILES;)