Simple Machines Forum 1.1.6 Filter Post Bypass Vulnerability
Published:2008-10-04
Submit Info:kiki (kikize_at_163.com)
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
Name: SMF 1.1.6 Filter Post Bypass
Author: WHK
WebSite: http://www.jccharry.com/
en{
The data in a post are not filtered properly when someone enters
statements BBCode wrong without content that a user can enter
words banned by the system of restrictions by allowing expose
SPAM content, and so on.
}
es{
Los datos en un post no son filtrados adecuadamente cuando alguien
ingresa declaraciones bbcode sin contenido probocando que un
usuario pueda ingresar palabras prohibidas por el sistema de
restricciones permitiendo exponer contenido SPAM, etc.
}
Example of a post / Ejemplo de un post:
------------------------------------------------------------------
[color=red][size=20pt]Fu[url][/url]ck you admin![/size][/color]
My SPAM: [b]ht[b][/b]tp://www.jc[i][/i]charry.com/[/b] >:D
------------------------------------------------------------------
Demo:
http://www.jccharry.com/archivos_publicos/smf_filter_post_bypass.png// Sebug.net [ 2008-10-05 ]