[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MyBB 1.4.2: Multiple Vulnerabilties

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: MyBB 1.4.2: Multiple Vulnerabilties
From: krzysztof.kozlowski@xxxxxxxxxxxx
Date: Mon, 27 Oct 2008 15:14:29 -0600

And a solution for first bug (XSS):


File: functions.php, function redirect()

FIND:
----------------
function redirect($url, $message="", $title="")
{
global $header, $footer, $mybb, $theme, $headerinclude, $templates, $lang, 
$plugins;

$redirect_args = array(?url? => &$url, ?message? => &$message, ?title? => 
&$title);

$plugins->run_hooks_by_ref(?redirect?, $redirect_args);

if($mybb->input['ajax'])
----------------
REPLACE WITH:
----------------
function redirect($url, $message="", $title="")
{
global $header, $footer, $mybb, $theme, $headerinclude, $templates, $lang, 
$plugins;

$redirect_args = array(?url? => &$url, ?message? => &$message, ?title? => 
&$title);

$plugins->run_hooks_by_ref(?redirect?, $redirect_args);

$url = addslashes($url) ;
if($mybb->input['ajax'])
----------------

Prev by Date: Re: Writeup by Amit Klein (Trusteer): Address Bar Spoofing for IE6
Next by Date: [ MDVSA-2008:216 ] emacs
Previous by thread: MyBB 1.4.2: Multiple Vulnerabilties
Next by thread: MSF eXploit Builder v2 Alpha Sources Released
Index(es):
- Date
- Thread