vbultop-xss.txt

2007-06-21T00:00:00
ID PACKETSTORM:57258
Type packetstorm
Reporter rUnViRuS
Modified 2007-06-21T00:00:00

Description

                                        
                                            `+--------------------------------------------------------------------  
+  
+ New post Topic Hijacking XSS All vBulletin® v 3.x.x  
+  
+--------------------------------------------------------------------  
+ vendor site........: http://www.vbulletin.com/  
+ Affected Software .: vbulletin  
+ Class .............: XSS  
+ Risk ..............: Low  
+ Found by ..........: rUnViRuS  
+ Original advisory .: http://www.sec-area.com/  
+ Contact ...........: stormhacker[at]hotmail[.]com  
+ Vulnerable Script..: showthread.php  
+--------------------------------------------------------------------  
New Include Redirect Bug XSS [showthread.php] All vBulletin v 3.x.x  
  
This injections would allow an attacker to stealing cookies who be opened url  
  
Xss the page and steal cookie :  
  
xss permanent ( must be post Topic and upload Any File Have Code Xss ) PoC :  
  
<script>alert(document.cookie)</script>.  
  
to be used with cookie stealer following is a simple attack :-  
post Topic :-  
click on insert link :-   
Hyperlink information  
type :- (other)  
URl :- ../../xss.txt ( path XSS File On Site[Include Path])  
  
  
When opened url Will stealing cookies  
+--------------------------------------------------------------------  
+ [W]orld [D]efacers [T]eam  
+ Greets:  
+ || rUnViRuS || - || Provide || - || HeX || - || dEv!L RoOT || + || BlackWHITE || - || dOcnok || - || A.tar0uDant.D ||  
+ || Pro Hacker || - || DARKFIRE || - || papipsycho ||  
+ Sp.Thanx To : Sec-Area.com Member's  
+-------------------------[ W D T ]----------------------------------  
`