AOH :: Web BBS :: Frequently Exploited

AOH :: Web BBS :: Frequently Exploited :: B06-4510.HTM
MyBB 1.1.7~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~XSS attack

MyBB 1.1.7~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~XSS attack MyBB 1.1.7~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~XSS attack


ORIGINAL ADVISORY:=0D
http://myimei.com/security/2006-08-15/mybb-117-htmlspeacialchar_uni-fixjavascript-functions_postphp-urlxss-attack.html=0D 
http://kapda.ir/page-advisory.html=0D 
=0D
**************=0D
=97=97=97=97=97=97-Summary=97=97=97=97=97-=0D
Software: MyBB=0D
Sowtware=92s Web Site: http://www.mybboard.com=0D 
Versions: 1.1.7=0D
Class: Remote=0D
Status: Unpatched=0D
Exploit: Available=0D
Solution: Available=0D
Discovered by: imei addmimistrator=0D
Risk Level: low=0D
=97=97=97=97=97=96Description=97=97=97=97=97=0D
There is a security bug in MyBB 1.1.7 software (latest version fully patched) file functions_post.php that allows attacker performe an XSS attack.=0D
=0D
=0D
FOR MORE DETAIL VISIT ORIGINAL ADVISORY

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.