Wednesday, 21 February 2018

MyBB Forum 1.8.14 Vulnerability: Cross-Site Request Forgery (CSRF)



This post is about a vulnerability which I found in MyBB Forum, and the POCs were created on the Windows 10 platform.

Exploit Title : MyBB Forum 1.8.14
Exploit Author : Pranav Jagtap
Tested On : Windows 10 64 Bit
LinkedIn : iampranavjagtap
Twitter : pranavH4x0r



CSRF Vulnerability:


Authentication : Required

Description:
MyBB Forum does not check for a valid CSRF token, so an attacker could trick an authenticated user into deleting an existing user from the forum.
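
The missing check described above, shown as an added example that is neither MyBB's code nor the author's POC: a user-deletion handler without token validation beside one that validates a session-bound token. All function names, the request array shape and the sample users are hypothetical and constructed for illustration.

```php
<?php
// Added example, not MyBB code. Every name below is hypothetical.

// Per-session anti-CSRF token: an HMAC of the action name under a secret
// that is generated at login and never leaves the server-side session.
function csrf_token(string $sessionSecret, string $action): string {
    return hash_hmac('sha256', $action, $sessionSecret);
}

// Before: acts on any request that carries the session cookie, so a request
// the victim's browser is tricked into sending is indistinguishable from a real one.
function delete_user_unsafe(array &$users, array $req): string {
    unset($users[(int)($req['params']['uid'] ?? 0)]);
    return 'deleted';
}

// After: state change only via POST, and only with a token that a third-party
// page cannot read or predict. hash_equals() compares in constant time.
function delete_user_checked(array &$users, array $req, string $sessionSecret): string {
    if ($req['method'] !== 'POST') {
        return 'rejected: method';
    }
    $sent = (string)($req['params']['csrf_token'] ?? '');
    if (!hash_equals(csrf_token($sessionSecret, 'delete_user'), $sent)) {
        return 'rejected: token';
    }
    $uid = (int)($req['params']['uid'] ?? 0);
    if (!isset($users[$uid])) {
        return 'rejected: no such user';
    }
    unset($users[$uid]);
    return 'deleted';
}

// Constructed sample data: two users and two requests in the admin's session.
$secret = bin2hex(random_bytes(32));
$users  = [2 => 'alice', 3 => 'bob'];
$noToken   = ['method' => 'POST', 'params' => ['uid' => '2']];
$withToken = ['method' => 'POST', 'params' => ['uid' => '3',
              'csrf_token' => csrf_token($secret, 'delete_user')]];

$copy = $users;
echo delete_user_unsafe($copy, $noToken), "\n";            // no token needed
echo delete_user_checked($users, $noToken, $secret), "\n"; // token missing
echo delete_user_checked($users, $withToken, $secret), "\n";
echo implode(',', array_keys($users)), "\n";               // remaining user ids
```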


POC VIDEO










Wednesday, 7 February 2018

MyBB Forum 1.8.14 Vulnerability: Stored XSS.



This post is about vulnerabilities which I found in MyBB Forum, and the POCs were created on the Windows 10 platform.

Exploit Title : MyBB Forum 1.8.14
Exploit Author : Pranav Jagtap
Tested On : Windows 10 64 Bit
LinkedIn : iampranavjagtap
Twitter : pranavH4x0r



Stored XSS Vulnerability:


Authentication : Required

Description:
MyBB Forum does not validate and sanitize user input properly. By taking advantage of this loophole, an attacker is able to insert malicious JavaScript and store it permanently in the forum.
Please check out the video for more info.


POC VIDEO