Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstorm0xB9PACKETSTORM:161185
HistoryJan 29, 2021 - 12:00 a.m.

MyBB Hide Thread Content 1.0 Information Disclosure

2021-01-2900:00:00
0xB9
packetstormsecurity.com
166
JSON
`# Exploit Title: MyBB Hide Thread Content Plugin 1.0 - Information Disclosure  
# Date: 1/27/2021  
# Author: 0xB9  
# Twitter: @0xB9Sec  
# Contact: 0xB9[at]pm.me  
# Software Link: https://community.mybb.com/mods.php?action=view&pid=1430  
# Version: 1.0  
# Tested on: Windows 10  
# CVE: CVE-2021-3337  
  
1. Description:  
This plugin hides thread content until user replies to the thread. The information disclosure is hidden content can be viewed without replying.  
  
2. Proof of Concept:  
  
- Visit a post where content is hidden  
- Click the reply or quote button below  
Thread content will be displayed in the [quote] bracket without needing to reply  
  
`

Related

prion 1
cve 1
exploitdb 1
prion
prion
Hardcoded credentials
2021-01-28 20:15:00
cve
cve
CVE-2021-3337
2021-01-28 20:15:00
exploitdb
exploitdb
MyBB Hide Thread Content Plugin 1.0 - Information Disclosure
2021-01-29 00:00:00
JSON
Related for PACKETSTORM:161185
prion1cve1exploitdb1