Computer Security
[EN] securityvulns.ru

From: frog frog <leseulfrog_(at)_hotmail.com>
Date: 26.03.2002
Subject: [IMG] tag vulnerability in vBulletin



product :

vbulletin



versions :

2.2.2, 2.2.0 , maybe others.



Problem:



One knows that if one sends this code in a private message:

[IMG]javascript:alert('hum');[/IMG]

a space will be placed between "java" and "script".



This filter can be bypassed:

[IMG]javas&#99;ript:alert('hop');[/IMG]



More details in French:

http://www.ifrance.com/kitetoua/tuto/vBulletin.txt



Translated by Google:

http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%2FvBulletin.txt&langpair=fr%7Cen&hl=fr&prev=%2Flanguage_tools



frog-m@n
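
Added example (not part of the original advisory and not vBulletin's code): a Python sketch of why a blocklist that splits the literal word "javascript" misses the entity-encoded form reported above, next to a check that decodes HTML entities first and then allowlists the URL scheme. The function names and the http/https allowlist are assumptions, and the check goes beyond the reported case by also covering nested encoding, mixed case and embedded tabs.

```python
import html
import re
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: [IMG] accepts only absolute web URLs

def naive_filter(url: str) -> str:
    """Blocklist as the advisory describes it: break up the literal word 'javascript'."""
    return re.sub(r"(java)(script)", r"\1 \2", url, flags=re.IGNORECASE)

def as_rendered(url: str) -> str:
    """Value the browser acts on once the URL sits in an HTML attribute (entities decoded)."""
    return html.unescape(url)

def is_safe_img_url(url: str) -> bool:
    """Hypothetical hardened check: decode first, then allowlist the scheme."""
    decoded = url
    for _ in range(5):                       # peel nested encodings such as &amp;#99;
        unescaped = html.unescape(decoded)
        if unescaped == decoded:
            break
        decoded = unescaped
    else:
        return False                         # still changing after 5 rounds: reject
    decoded = re.sub(r"[\t\r\n]", "", decoded)       # browsers drop these inside URLs
    decoded = re.sub(r"^[\x00-\x20]+", "", decoded)  # and ignore leading controls/spaces
    try:
        parts = urlsplit(decoded)
    except ValueError:                       # malformed authority, e.g. a stray '['
        return False
    return parts.scheme in ALLOWED_SCHEMES and bool(parts.netloc)

if __name__ == "__main__":
    # The first two inputs are the ones quoted in the advisory; the rest are constructed.
    samples = [
        "javascript:alert('hum');",
        "javas&#99;ript:alert('hop');",
        "javas&amp;#99;ript:alert(1)",
        "JaVa\tScRiPt:alert(1)",
        "http://example.com/a.png",
    ]
    for s in samples:
        filtered = naive_filter(s)
        print(f"{s!r:34} blocklist-> {as_rendered(filtered)!r:30} "
              f"allowlist ok: {is_safe_img_url(s)}")
```
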

© SecurityVulns, 3APA3A, Vladimir Dubrovin