^ Exploit title: PhpBB2 Module "Custom Mass PM" Cross Site Scripting Vulnerability ^ Author : Silic0n (science_media017[At]yahoo.com) ^ MOD Title: Custom mass PM ^ MOD Description: Add mass PM functionnality to group members (or all forums members) for authorized users. Add the possibility for all users to send ordinary PM to multiple users (usernames separated by a semi-colon) ^ MOD Version: 1.4.7 ^ Exploit Release: 8/27/2011 ^ Vulnearble script: privmsg.php -------------------- ^ Payload -------------------- 0x1 : Goto forum_script/Privmsg.php 0x2 : Username Input Box write Malicious JS eg :<script>alert(document.cookie)</script> -------------------- ^ Vulnearble code -------------------- $to_username_array = explode (";", $HTTP_POST_VARS['username']); -------------------- Fix : -------------------- $to_username = phpbb_clean_username($HTTP_POST_VARS['username']); $to_username_array = explode (";", $to_username); Special Thnanks To mafi, Gaurav_raj420 , Exidous , Mr 52 (7) , Dalsim , Zetra , root4o , D4rk, Danzel, messsy , Thor ,abronsius ,Nova , jaya ,@ry@n ,entr0py, -[SiLeNtp0is0n]- ,Ne0_Hacker, InX_R00t,DODo(:P) All ZH , DK & G4H members :) ------------ ^ Site ------------ www.igniteds.net (ConsoleFx)
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论