9 matches found
CVE-2018-25247
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the...
CVE-2018-25247 MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. Attackers can craft post subjects containing script tags that execute when other users view the attacker's profile,...
CVE-2018-25247
The CVE-2018-25247 entry concerns MyBB Like Plugin 3.0.0, which is vulnerable to cross-site scripting via user profiles. The root cause is unvalidated subject content in posts/threads, allowing an attacker to craft post subjects containing script tags that execute when other users view the attack...
CVE-2018-25247 MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the...
MyBB Like Plugin 跨站脚本漏洞
MyBB Like Plugin is an extension for forums developed by MyBB Corporation. Version 3.0.0 of MyBB Like Plugin contains a cross-site scripting vulnerability. This vulnerability arises from the lack of validation of topic content when posts or topics are created, which may allow attackers to inject...
PT-2026-30367
MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. Attackers can craft post subjects containing script tags that execute when other users view the attacker's profile,...
MyBB Like Plugin 3.0.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB Like Plugin 3.0.0 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=360 Version: 3.0.0 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: This plugin allo...
MyBB Like 3.0.0 Cross Site Scripting
Exploit Title: MyBB Like Plugin 3.0.0 - Cross-Site Scripting Date: 2018-08-01 Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=360 Version: 3.0.0 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: This plugin allows users to thank/like other users...
MyBB Like Plugin 3.0.0 - Cross-Site Scripting
MyBB Like Plugin 3.0.0 - Cross-Site Scripting Exploit Title: MyBB Like Plugin 3.0.0 - Cross-Site Scripting Date: 2018-08-01 Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=360 Version: 3.0.0 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: This...