——————-Summary—————-
Software: MyBB
Software's Web Site: http://www.mybboard.com
Versions: 1.1.7
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Available
Discovered by: imei addmimistrator
Risk Level: Medium
—————–Description—————
There is a security bug in MyBB 1.1.7 (latest version, fully patched), in the file admin/global.php, that allows an attacker to perform an XSS attack.
The bug results from trusting the variable $_SERVER['PHP_SELF'], which does not necessarily point to the script that is executing; relying on it this way is a misreading of the PHP documentation.
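As an added illustration (this is not MyBB's code and not part of the original advisory), the PHP below shows the bug class described above: $_SERVER['PHP_SELF'] is the script name plus any extra path segment appended to the request (PATH_INFO), so echoing it raw into a form's action attribute reflects attacker-controlled markup. The function names and the constructed $server array are assumptions for the demo; htmlspecialchars and $_SERVER['SCRIPT_NAME'] are standard PHP.

```php
<?php
// Added example, not MyBB's code: why trusting $_SERVER['PHP_SELF'] leads to
// reflected XSS, and two ways a defender can harden the output.
// PHP_SELF = SCRIPT_NAME + PATH_INFO, so a request for
//   /admin/index.php/"><script>alert(1)</script>
// yields PHP_SELF = '/admin/index.php/"><script>alert(1)</script>'.

// Vulnerable pattern: PHP_SELF written unescaped into an HTML attribute
// (the pattern the advisory describes in admin/global.php).
function form_action_vulnerable(array $server): string
{
    return '<form action="' . $server['PHP_SELF'] . '" method="post">';
}

// Hardened option 1: escape on output, so quotes and angle brackets can no
// longer break out of the attribute context.
function form_action_escaped(array $server): string
{
    $self = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Hardened option 2: use SCRIPT_NAME, which does not carry PATH_INFO.
// It is still escaped: output encoding should not depend on where the value came from.
function form_action_script_name(array $server): string
{
    $self = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Constructed $_SERVER values simulating the request from the advisory,
// so the script runs from the CLI without a web server.
$server = [
    'SCRIPT_NAME' => '/admin/index.php',
    'PATH_INFO'   => '/"><script>alert(1)</script>',
    'PHP_SELF'    => '/admin/index.php/"><script>alert(1)</script>',
];

echo "vulnerable : ", form_action_vulnerable($server), PHP_EOL;
echo "escaped    : ", form_action_escaped($server), PHP_EOL;
echo "script_name: ", form_action_script_name($server), PHP_EOL;
```

Run it with `php filename.php`: the first line shows the attribute closed early and a script tag injected, the second shows the same value rendered inert as `&quot;&gt;&lt;script&gt;...`, and the third shows only the real script path. Option 2 alone is not a substitute for escaping; the two are combined because the fix for this bug class is output encoding, and SCRIPT_NAME merely removes the attacker-controlled suffix.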
————–Exploit———————-
/admin/index.php/"><script>alert(1)</script>
———–Solution———————
Upgrade to the vendor-provided patch.
————–Credit———————–
Discovered by: imei addmimistrator
addmimistrator(4}gmail(O}com
www.myimei.com
It's been patched in 1.1.8, so you can mark it patched.
Left by tikitiki on September 4th, 2006
Solution: Available
———–Solution———————
upgrade to vendors provided patch
;)
All of MyBB advisories had been patched before release because of concerting with Chris.
also:
vendor credit:
http://community.mybboard.net/showthread.php?tid=11697
Left by imei on September 4th, 2006
[…] ORIGINAL ADVISORY: http://myimei.com/security/2006-08-17/mybb-117-adminglobalphp-xss-attack.html http://kapda.ir/page-advisory.html […]
Left by NTEK Technologies » Blog Archive » [KAPDA]MyBB 1.1.7 ~ admin/global.php ~ XSS Attack on September 15th, 2006