MyBB KingChat Plugin - Persistent XSS

ID EDB-ID:23249
Type exploitdb
Reporter VipVince
Modified 2012-12-09T00:00:00


MyBB KingChat Plugin - Persistent XSS. Webapps exploit for PHP platform

Exploit Title: MyBB 'kingchat' chat-box plugin.
Google Dork: inurl:/kingchat.php?
Date: 8/12/12
Author: VipVince
Vendor Homepage:
Software Link:
Tested on: Windows

Using the dork inurl:/kingchat.php? you will see multiple forums running this chat plugin.

Note *Registration on the forums is required* for persistent XSS to work.

Now click a random forum with this plugin installed and you will see this:

Remove 'notic' at the end of the URL and add "chat=2&1=2" to the query so it becomes:


You will see the vulnerable chat box :). Submit your XSS payload, for instance <script>alert("vipvince")</script>

Now, to see the saved JavaScript alert, go to:


Your persistent XSS will be stored here.

Enjoy ;). VipVince.
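The defect behind this advisory is a stored chat message echoed back into the page without HTML encoding. The following PHP is an added illustration for plugin maintainers and is not the KingChat plugin's code: it places a minimal vulnerable renderer beside a hardened one and runs both over a constructed set of chat rows that includes the payload quoted above. The function names, the row layout and the sample rows are assumptions made for the example.

```php
<?php
// Added defensive example, not KingChat plugin code. Function names, row
// layout and the sample rows below are assumptions made for illustration.
declare(strict_types=1);

// Constructed sample of what a chat table might hold after the payload from
// the advisory is submitted through the chat box.
const SAMPLE_MESSAGES = [
    ['user' => 'alice',    'message' => 'hello everyone'],
    ['user' => 'attacker', 'message' => '<script>alert("vipvince")</script>'],
    ['user' => 'bob',      'message' => 'a < b && c > d'],
];

// Vulnerable rendering: the stored message is concatenated into the HTML
// unchanged, so a stored <script> tag executes in every visitor's browser.
function render_chat_vulnerable(array $rows): string
{
    $html = '';
    foreach ($rows as $row) {
        $html .= '<div class="msg"><b>' . $row['user'] . '</b>: '
               . $row['message'] . "</div>\n";
    }
    return $html;
}

// Encode an untrusted string for the HTML element-content context.
// ENT_QUOTES also encodes quotes, ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hardened rendering: every untrusted field passes through esc() at output
// time, so the stored payload is displayed as text rather than executed.
function render_chat_safe(array $rows): string
{
    $html = '';
    foreach ($rows as $row) {
        $html .= '<div class="msg"><b>' . esc($row['user']) . '</b>: '
               . esc($row['message']) . "</div>\n";
    }
    return $html;
}

// Self-check: the vulnerable output carries a live <script> tag, the safe
// output carries only its encoded text and nothing a browser will execute.
$vulnerable = render_chat_vulnerable(SAMPLE_MESSAGES);
$safe       = render_chat_safe(SAMPLE_MESSAGES);

if (!str_contains($vulnerable, '<script>')) {
    throw new RuntimeException('expected the vulnerable renderer to emit the raw tag');
}
if (str_contains($safe, '<script>')) {
    throw new RuntimeException('safe renderer leaked a raw <script> tag');
}
if (!str_contains($safe, '&lt;script&gt;alert(&quot;vipvince&quot;)&lt;/script&gt;')) {
    throw new RuntimeException('safe renderer did not encode the payload as expected');
}

echo $safe;
```

Run it with `php render_chat.php` (PHP 8 or later, for `str_contains`). The fix belongs at output time, in whatever template or echo writes chat rows into the page, rather than only at submission time, because rows already stored before the fix would otherwise still execute. MyBB itself ships `htmlspecialchars_uni()` for the same purpose, and a Content-Security-Policy that disallows inline scripts limits the impact of any rendering path that is missed.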