[Vuln] MyBB and Usergroup Legend Stored XSS
  • Xin
    Posts: 3,251
    Low risk vuln, just found it, hence the downtime, as it caused a SQL error as well. Gonna report and post full disclosure. It's not a serious bug as you would need admin cp access anyway to use it, but it could do with being fixed anyway.

    ##########################################################
    #Title: MyBB and Usergroup Legend Stored XSS #
    #Vendor: http://www.mybb.com/ #
    ##########################################################
    #AUTHOR: Xinapse #
    #Email: iexploittube@gmail.com #
    #Website: http://www.iexploit.org #
    #Forum : http://www.iexploit.org/community/ #
    #Risk: Low #
    #Vuln site.com/admin/index.php?module=usergroups #
    # #
    ##########################################################
    # POC #
    ##########################################################
    In Admin CP, create a new Group with the name as your XSS Code.
    Then any page showing the script will be affected.
    To get the code to execute on the index.php page, type the XSS code
    into the usergroup legend config.
    XSS Used:
    <script>alert('xss')</script>
    Xin
  • undead
    Posts: 822
    Nice find Xinapse.
  • Does it work in all versions of MyBB?
  • Sh3llc0d3
    Posts: 1,910
    said:
        Does it work in all versions of MyBB?

    It was found in ver 1.6.1 (if I remember rightly), however I think all versions might be vulnerable. Not too sure how far Xinapse tested it.
  • Xin
    Posts: 3,251
    said:
        said:
            Does it work in all versions of MyBB?

        It was found in ver 1.6.1 (if I remember rightly), however I think all versions might be vulnerable. Not too sure how far Xinapse tested it.

    Only tested on this one, can't really be classed a vuln as it's admin panel.
    Xin
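
The fix for the issue in the first post is to encode the group name when it is written into a page, and to review names already stored. The PHP below is an added example, not part of the thread and not MyBB source; `render_legend`, `audit_titles` and the row layout are hypothetical, and the sample rows are constructed.

```php
<?php
// Added illustration, not MyBB code. Function names and array keys are hypothetical.

/** Build the usergroup legend HTML from stored group titles. */
function render_legend(array $groups, bool $escape = true): string
{
    $items = [];
    foreach ($groups as $group) {
        $title = (string) $group['title'];
        if ($escape) {
            // Encode at output time so stored markup is displayed as text.
            $title = htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
        $items[] = '<span class="legend-item">' . $title . '</span>';
    }
    return implode(', ', $items);
}

/** Return ids of groups whose stored title contains markup characters, for manual review. */
function audit_titles(array $groups): array
{
    $flagged = [];
    foreach ($groups as $group) {
        if (preg_match('/[<>"]/', (string) $group['title'])) {
            $flagged[] = $group['id'];
        }
    }
    return $flagged;
}

// Constructed sample rows; the second title is the test string from the post above.
$groups = [
    ['id' => 1, 'title' => 'Administrators'],
    ['id' => 2, 'title' => "<script>alert('xss')</script>"],
];

// Before the fix: the title is concatenated into the page as markup.
echo render_legend($groups, false), PHP_EOL;
// After the fix: the same title is emitted as encoded text.
echo render_legend($groups, true), PHP_EOL;
// Rows that were saved before the fix and need review.
print_r(audit_titles($groups));
```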