Here also it's an another bug on one of most used Online boards system. Bug it's founded by my friend silic0n
------------------------------------------------------------------------------- 0 | | | | | | TM 1 _______ _ __ ___ ______| |__ __ _ ___| | _____ _ __ _ __ ___| |_ 0 |_ / _ \| '_ \ / _ \______| '_ \ / _` |/ __| |/ / _ \ '__| '_ \ / _ \ __| 1 / / (_) | | | | __/ | | | | (_| | (__| < __/ | _| | | | __/ |_ 0 /___\___/|_| |_|\___| |_| |_|\__,_|\___|_|\_\___|_|(_)_| |_|\___|\__| 1 0xPrivate 0xSecurity 0xTeam 0 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 A Placec Of 0days ------------------------------------------------------------------------------ ^ Exploit title: PhpBB2 Module "Custom Mass PM" Cross Site Scripting Vulnerability ^ Author : Silic0n (science_media017[At]yahoo.com) ^ MOD Title: Custom mass PM ^ MOD Description: Add mass PM functionnality to group members (or all forums members) for authorized users. Add the possibility for all users to send ordinary PM to multiple users (usernames separated by a semi-colon) ^ MOD Version: 1.4.7 ^ Exploit Release: 8/27/2011 ^ Vulnearble script: privmsg.php
Read Full Exploit: Inj3ct0r
Thanks to my bro Silic0n for this sharing :) And also to ZH-Team <3
0 comments:
Post a Comment