vBulletin vCard PRO gbrowse.php sortby Variable XSS

2007-01-01T01:13:28
ID OSVDB:33359
Type osvdb
Reporter OSVDB
Modified 2007-01-01T01:13:28

Description

Manual Testing Notes

http://[target]/vcard/gbrowse.php?cat_id=9&sortby=[XSS]

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0007.html ISS X-Force ID: 31182 CVE-2007-0054 Bugtraq ID: 21844