vBulletin 3.0.0 XSS Vulnerability

No description provided by source. Title: vBulletin 3.0.0 XSS Author: Discovered by ROOTEGY Version: vBulletin Version 3.0.0 =============================================== WWW.sec-war.com =============================================== 3.0.0 - Introduction XSS scripts in the script search.php. I...

MyBB (editpost.php, posthash) - SQL Injection Vulnerability

No description provided by source. MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = posthash='$posthash' OR ; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a post, edit the 'posthash...

MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection

MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection MyBB...

MyBB <1.6.9 (editpost.php, posthash) SQL Injection Vulnerability

Exploit for php platform in category web applications MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = "posthash='$posthash' OR "; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a pos...

vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit

No description provided by source. / ----------------------------- Author = Mx Title = vBulletin 3.7.3 Visitor Messages XSS/XSRF + worm Software = vBulletin Addon = Visitor Messages Version = 3.7.3 Attack = XSS/XSRF - Description = A critical vulnerability exists in the new vBulletin 3.7.3 softwa...

XSS в vBulletin 3.x

Здравствуйте, vuln. Параметры posthash и poststarttime в скриптах newreply.php и newthread.php не фильтруются в POST-запросе это для версии 3.0.9 для 3.5.4 уязвим только параметр posthash и только в скрипте newthread.php В результате чего возможна атака типа XSS. ПРИМЕР: POST /forum/newthread.php...