ID PACKETSTORM:118895
Type packetstorm
Reporter limb0
Modified 2012-12-16T00:00:00
Description
`# Exploit Title: Profile Skype ID MyBB Plugin Stored XSS
# Date: 14/12/2012
# Exploit Author: limb0
# Vendor Homepage: http://www.dragonknightz.net/
# Software Link: http://mods.mybb.com/view/user-profile-skype-id
# Version: 1.0
# Category:Web Security
# Tested on: Linux
+------------------------------------------------------------+
Stored XSS-Instructions
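1. Install & activate the plugin
2. Go to UserCP >> Edit Profile >> Skype ID:
3. Inject your string (XSS), e.g. "><script>alert("Skype ID XSS")</script>
4. Visit your profile and voila: the stored value is evidently written into the profile page without HTML encoding, so the browser treats it as markup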
Proof
Inject:https://imageshack.us/photo/my-images/22/screenshotfrom201212141.png/
Result:https://imageshack.us/photo/my-images/41/screenshotfrom201212141.png/
+-------------------------------------------------------------+
Vulnerable code:
/**
 * Copies the submitted "skype" profile field into the pending user-update data.
 *
 * Security note: the value is read from request input and stored exactly as
 * received. No validation, length limit or encoding is applied in this
 * function. Per the advisory, the stored value is later shown on the user's
 * profile page, where markup inside it is interpreted by the browser
 * (stored XSS). The code that renders the profile is not part of this listing.
 *
 * Remediation, in two layers:
 *  - Input: accept only values that look like a Skype name (a restrictive
 *    character allow-list plus a length cap) and reject everything else.
 *  - Output: HTML-encode the value wherever it is placed into a page, e.g.
 *    MyBB's htmlspecialchars_uni() or htmlspecialchars($value, ENT_QUOTES).
 *    Encoding at output is the fix that matters for rows already stored.
 *
 * @param object $skype Object exposing user_update_data; presumably MyBB's
 *                      user data handler passed in by an update hook. Confirm
 *                      against the plugin's hook registration.
 * @return void
 */
function profileskype_update($skype)
{
// $mybb->input carries request parameters, i.e. user-controlled data.
global $mybb;
// Only checks that the field was submitted, not what it contains.
if (isset($mybb->input['skype']))
{
// Flaw: the raw request value goes straight into the data to be persisted.
$skype->user_update_data['skype'] = $mybb->input['skype'];
}
}
`
{"sourceHref": "https://packetstormsecurity.com/files/download/118895/mybbskype-xss.txt", "sourceData": "`# Exploit Title: Profile Skype ID MyBB Plugin Stored XSS \n# Date: 14/12/2012 \n# Exploit Author: limb0 \n# Vendor Homepage: http://www.dragonknightz.net/ \n# Software Link: http://mods.mybb.com/view/user-profile-skype-id \n# Version: 1.0 \n# Category:Web Security \n# Tested on: Linux \n \n+------------------------------------------------------------+ \nStored XSS-Instructions \n1.Install&Activate plugin \n2.Go to UserCP >> Edit Profile >> Skype ID: \n3.Inject your string(xss) ex. \"><script>alert(\"Skype ID XSS\")</script> \n4.Visit your profile and voila \n \nProof \nInject:https://imageshack.us/photo/my-images/22/screenshotfrom201212141.png/ \nResult:https://imageshack.us/photo/my-images/41/screenshotfrom201212141.png/ \n+-------------------------------------------------------------+ \n \nVulnerable code: \nfunction profileskype_update($skype) \n{ \nglobal $mybb; \nif (isset($mybb->input['skype'])) \n{ \n$skype->user_update_data['skype'] = $mybb->input['skype']; \n} \n} \n \n \n`\n", "edition": 1, "references": [], "modified": "2012-12-16T00:00:00", "hash": "bceb19ee026e72fb7a1a560f19c1f6b92b35ef5bf823a8bcdb457cb07192dab5", "cvelist": [], "history": [], "bulletinFamily": "exploit", "href": "https://packetstormsecurity.com/files/118895/MyBB-Profile-Skype-ID-Cross-Site-Scripting.html", "description": "", "id": "PACKETSTORM:118895", "reporter": "limb0", "lastseen": "2016-11-03T10:16:24", "published": "2012-12-16T00:00:00", "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2016-11-03T10:16:24"}, "vulnersScore": 4.3}, "objectVersion": "1.2", "type": "packetstorm", "cvss": {"vector": "NONE", "score": 0.0}, "title": "MyBB Profile Skype ID Cross Site Scripting", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", 
"key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "635d793c878657d314d5c1c611f94320", "key": "href"}, {"hash": "cfa32998a4456c9feed93d3f61c3bd1b", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "cfa32998a4456c9feed93d3f61c3bd1b", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "a89abf7f6d417790247f0eaa1fbf283a", "key": "reporter"}, {"hash": "0e6500e0e4fd12f426bd566318de5782", "key": "sourceData"}, {"hash": "fc043ea12bce587f21629a0f4a258641", "key": "sourceHref"}, {"hash": "f9fe98d4a283cdea5919f68e8f374c96", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}]}
{}