Subscribe via feed.

MyBB 1.8.12 Stored XSS / File Enumeration

Posted by deepcore on June 14, 2017 – 4:15 pm

MyBB versions 1.8.12 and prior is vulnerable to a cross site scripting bug which can allow a moderator to take over an administrator’s account and upload a webshell, or perform file enumeration in the instances where it is not possible to spawn a shell.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.