- 30 Maggio 2008
- 736
- 0
- Miglior risposta
- 0
################################################################################ #
#
# MyBulletinBoard (MyBB) <= 1.4.1 XSS Vulnerability
#
# found by: J0hn.X3r
# Critical: Middle
# Date: 22.08.2008
# Contact:
# [+]ICQ: 573813
# [+]Mail: J0hn.X3r@gmail.com
# Greetz to: nexos, Barbers, tmh, electron1x, Patrick_B, Five-Three-Nine, f0Gx, Lidloses_Auge, Sys-Flaw, Free-hack
#
################################################################################ ##########################################
#
# [XSS]
#
# Note: You need permissions to create an announcement.
#
#
#
# You can add your script code as the title of the announcement:
#
# Example: "Title: <script>alert(document.cookie)</script>"
#
#
# [XSS]
#
# Note: You need to be a registered member.
#
#
#
# Send a private message to a member (or an admin) and send your code as subject.
# Recipients: "username"
# Subject: [XSS]
# Message: "message.."
#
# Example: "Subject: <script>alert(document.cookie)</script>"
#
# Notes:
#
# The advantage is, that the exploited user will automatically run the script code, because there is a hint like this on every page of the board he is visiting:
#
# You have one unread private message from "username" titled [XSS]
#
################################################################################ ##########################################
[AVVERTENZA]Non mi assumo nessuna responsabilità dell' uso di questo materiale postato[/AVVERTENZA]
#
# MyBulletinBoard (MyBB) <= 1.4.1 XSS Vulnerability
#
# found by: J0hn.X3r
# Critical: Middle
# Date: 22.08.2008
# Contact:
# [+]ICQ: 573813
# [+]Mail: J0hn.X3r@gmail.com
# Greetz to: nexos, Barbers, tmh, electron1x, Patrick_B, Five-Three-Nine, f0Gx, Lidloses_Auge, Sys-Flaw, Free-hack
#
################################################################################ ##########################################
#
# [XSS]
#
# Note: You need permissions to create an announcement.
#
#
Perfavore,
Entra
oppure
Registrati
per vedere i Link!
#
# You can add your script code as the title of the announcement:
#
# Example: "Title: <script>alert(document.cookie)</script>"
#
#
# [XSS]
#
# Note: You need to be a registered member.
#
#
Perfavore,
Entra
oppure
Registrati
per vedere i Link!
#
# Send a private message to a member (or an admin) and send your code as subject.
# Recipients: "username"
# Subject: [XSS]
# Message: "message.."
#
# Example: "Subject: <script>alert(document.cookie)</script>"
#
# Notes:
#
# The advantage is, that the exploited user will automatically run the script code, because there is a hint like this on every page of the board he is visiting:
#
# You have one unread private message from "username" titled [XSS]
#
################################################################################ ##########################################
[AVVERTENZA]Non mi assumo nessuna responsabilità dell' uso di questo materiale postato[/AVVERTENZA]
