DreamArticle 3.0 background the validation logic vulnerability and injection vulnerabilities, resulting in a direct login to backend-bug warning-the black bar safety net

Team: bbs.wolvez.org By q1ur3n 在 admin/global.php there is such a piece of code, used to implement the”remember password”in the login back-office functions. $administrator = getcookie"administrator"; $adminpassword = getcookie"adminpassword"; if $administrator && $adminpassword...

[KAPDA]MyBB 1.1.7 ~ admin/global.php ~ XSS Attack

ORIGINAL ADVISORY: http://myimei.com/security/2006-08-17/mybb-117-adminglobalphp-xss-attack.html http://kapda.ir/page-advisory.html ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.1.7 Class: Remote Status: Unpatched Exploit: Available Solution: Availab...