UBB.threads 6.4.4 Forum Cross Site Scripting

2010-04-28T00:00:00
ID PACKETSTORM:89028
Type packetstorm
Reporter Cr3w-D
Modified 2010-04-28T00:00:00

Description

                                        
                                            `# Title: UBB.threads™ 6.4.4 forum xss Vulnerability  
# EDB-ID:   
# CVE-ID: ()  
# OSVDB-ID: ()  
# Author: Dr.0rYX and Cr3w-DZ  
# Published:   
# Verified:   
# Download Exploit Code  
# Download N/A  
  
  
  
  
ALGERIAN HACKER  
**********************- NORTH-AFRICA SECURITY TEAM -***********************  
  
[!] Title : UBB.threads™ 6.4.4 forum xss Vulnerability  
[!] Author : Dr.0rYX and Cr3w-DZ  
[!] MAIL : vx3@hotmail.de & Cr3w@hotmail.de  
  
***************************************************************************/  
  
[ Software Information ]  
  
[+] Vendor : http://www.ubbcentral.com/  
[+] script : UBB.threads™ 6.4.4 forum  
[+] Download : https://www.ubbcentral.com/orders/order.php?type=new sell script  
[+] Vulnerability : xss Vulnerability  
[+] Dork : UBB.threads™ 6.4.4  
  
  
**************************************************************************/  
[ Vulnerable File ]  
  
http://server/forum//ubbthreads/login.php?Cat=[N.A.S.T (xss) ]  
  
  
  
[ Greets ]  
  
[+] :CLAW , exploit-db.com,all my friends....  
  
_________________________________________________________________  
Votre messagerie et bien plus où que vous soyez. Passez à Windows Live Hotmail, c'est gratuit !  
https://signup.live.com/signup.aspx?id=60969  
  
  
`