imei Addmimistrator’s BugBlog

imei's security advisories and research

---------------- Summary ----------------
Software: MyBB
Software's Web Site: http://www.mybboard.com
Versions: 1.1.7
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Available
Discovered by: imei addmimistrator
Risk Level: Medium
---------------- Description ----------------
There is a security bug in MyBB 1.1.7 (the latest version, fully patched) in the file admin/global.php that allows an attacker to perform an XSS attack.

The bug results from trusting the variable $_SERVER['PHP_SELF'], which may not point to the script that is actually executing; relying on it is a common misreading of the PHP documentation.
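The trust problem described above, as an added example that is not MyBB's own code: a form action built from $_SERVER['PHP_SELF'] next to two hardened versions. The function names and the constructed $_SERVER array are assumptions, not taken from the advisory.

```php
<?php
// Added example (not MyBB's code). When the web server passes PATH_INFO,
// $_SERVER['PHP_SELF'] contains the script path plus whatever trailing path
// the client appended, so a request such as the one in this advisory puts
// attacker-controlled text into the variable.

// Vulnerable pattern: the untrusted value lands unescaped inside an HTML
// attribute, so a double quote in the path closes the attribute early.
function form_action_vulnerable(array $server): string
{
    return '<form action="' . $server['PHP_SELF'] . '" method="post">';
}

// Hardened, option 1: escape on output. ENT_QUOTES turns both quote styles
// into entities and angle brackets become &lt;/&gt;, so the value cannot
// break out of the attribute.
function form_action_escaped(array $server): string
{
    $self = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Hardened, option 2: do not reflect the request path at all. SCRIPT_NAME is
// the path of the executing script without PATH_INFO; escape it anyway, since
// output escaping should not depend on where a value came from.
function form_action_script_name(array $server): string
{
    $self = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// Constructed $_SERVER values (an assumption for this example), shaped the way
// PHP populates them for the request shown in the advisory's exploit section.
$server = [
    'PHP_SELF'    => '/admin/index.php/"><script>alert(1)</script>',
    'SCRIPT_NAME' => '/admin/index.php',
];

echo form_action_vulnerable($server), PHP_EOL;
echo form_action_escaped($server), PHP_EOL;
echo form_action_script_name($server), PHP_EOL;
```

Run it from the command line and compare the three lines: only the first one contains a raw `<script>` tag outside the attribute.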
---------------- Exploit ----------------
/admin/index.php/”><script>alert(1)</script>
---------------- Solution ----------------
Upgrade to the vendor-provided patch.
---------------- Credit ----------------
Discovered by: imei addmimistrator
addmimistrator(4}gmail(O}com
www.myimei.com

3 Responses to “MyBB 1.1.7 ~ admin/global.php ~ XSS Attack”

    It's been patched in 1.1.8, so you can mark it patched ;)

    Solution: Available
    ---------------- Solution ----------------
    Upgrade to the vendor-provided patch.
    ;)
    All of the MyBB advisories had been patched before release because of concerting with Chris.

    also:
    vendor credit:
    http://community.mybboard.net/showthread.php?tid=11697
