original advisory: http://myimei.com/security/2006-01-14-mybb-102searchphpxss-attackandmore/index.html
---------------

-----Summary-----
Software: MyBB
Software's Web Site: http://mybboard.com
Versions: 1.0.2
Class: Remote
Status: patched in 1.0.3
Exploit: Available
Solution: Available
Discovered by: imei
Risk: low

-----Description-----
MyBB 1.0.2 has a security bug in search.php that lets a remote attacker learn the table prefix used by the forum's database and also carry out a reflected cross-site scripting (XSS) attack. The bug is the result of unneeded code that was left behind in the search.php file.

-----Exploit-----
Open this URL on the target forum:
search.php?s=de1aaf9b&action=do_search&keywords=%3Cscript%3Ealert(1)%3C/script%3E&srchtype=3

-----Solution-----
No patch was available when this advisory was written (the bug was reported to the vendor the same day). As the Summary records, the issue was fixed in MyBB 1.0.3.

-----Credit-----
Discovered by: imei addmimistrator
addmimistrator[4]gmail[O]com
www.myimei.com
security.myimei.com
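The following Python is an added example, not code from the advisory or from the MyBB project. It takes the exploit URL quoted in the Exploit section, recovers the injected payload from the `keywords` parameter, and classifies how a search.php response reflects it (verbatim, which is the reflected XSS described above; entity-encoded, as a fixed version would do; or not at all). It also flags requests matching the exploit pattern in combined-format access logs. The response bodies and log lines are constructed for the example and are not captured MyBB output; the table-prefix leak mentioned in the Description is not modelled because the advisory does not show what that output looks like.

```python
"""Check a search.php response for the reflected XSS in the advisory, and
flag matching requests in access logs.

Added example; the responses and log lines are constructed, not captured
from a MyBB install.
"""
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Exploit URL exactly as given in the advisory.
EXPLOIT_URL = ("search.php?s=de1aaf9b&action=do_search"
               "&keywords=%3Cscript%3Ealert(1)%3C/script%3E&srchtype=3")


def payload_from_url(url):
    """Return the URL-decoded `keywords` value (the injected payload)."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("keywords", [""])[0]


def classify_reflection(body, payload):
    """Classify how the page reflects the payload.

    'unescaped' - payload appears verbatim, so the browser executes it
    'escaped'   - only an HTML-entity-encoded copy appears (safe reflection)
    'absent'    - the payload is not echoed at all
    """
    if payload in body:
        return "unescaped"
    if html.escape(payload, quote=False) in body or html.escape(payload) in body:
        return "escaped"
    return "absent"


# Constructed stand-ins: one body reflecting the keywords raw (the 1.0.2
# behaviour described in the advisory), one entity-encoding them.
VULNERABLE_BODY = ('<html><body><p>Search results for '
                   '<script>alert(1)</script></p></body></html>')
FIXED_BODY = ('<html><body><p>Search results for '
              '&lt;script&gt;alert(1)&lt;/script&gt;</p></body></html>')

# Request field of an Apache/nginx combined log entry: method, target, protocol.
_REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/\d\.\d"')
# Markup that has no business in a plain search term.
_MARKUP_RE = re.compile(r"[<>]|javascript:|on\w+=", re.IGNORECASE)


def suspicious_search_requests(log_lines):
    """Return request targets that hit search.php with markup in `keywords`."""
    hits = []
    for line in log_lines:
        m = _REQUEST_RE.search(line)
        if not m:
            continue
        target = m.group(1)
        parts = urlsplit(target)
        if parts.path != "search.php" and not parts.path.endswith("/search.php"):
            continue
        keywords = parse_qs(parts.query, keep_blank_values=True).get("keywords", [""])[0]
        # parse_qs already percent-decodes once; unquote() catches double encoding.
        if _MARKUP_RE.search(unquote(keywords)):
            hits.append(target)
    return hits


# Constructed access-log lines: one exploit attempt, one ordinary search.
SAMPLE_LOG = [
    '203.0.113.5 - - [14/Jan/2006:10:00:00 +0000] "GET /forum/' + EXPLOIT_URL
    + ' HTTP/1.1" 200 5120',
    '198.51.100.7 - - [14/Jan/2006:10:01:00 +0000] "GET /forum/search.php'
    '?action=do_search&keywords=mybb+themes&srchtype=3 HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    payload = payload_from_url(EXPLOIT_URL)
    print("payload:              ", payload)
    print("1.0.2-style response: ", classify_reflection(VULNERABLE_BODY, payload))
    print("fixed response:       ", classify_reflection(FIXED_BODY, payload))
    print("suspicious requests:  ", suspicious_search_requests(SAMPLE_LOG))
```

To use it against a real forum, fetch the exploit URL with the visitor's own session value in place of `s=de1aaf9b` and pass the response body to classify_reflection(); the log check runs unchanged over any combined-format access log.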