Bugtraq mailing list archives
vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit
From: addmimistrator () gmail com
Date: 5 Aug 2006 02:38:54 -0000
ORIGINAL ADVISORY: http://myimei.com/security/2006-07-24/vbulletin-3014-initphp-XSS-exploit.html http://www.kapda.ir/advisory-397.html VENDOR CREDIT: http://www.vbulletin.com/forum/showthread.php?t=194062 Summary Software: vBulletin Sowtwares Web Site: http://www.vBulletin.com Versions: 3.0.14 Exploit: Available Solution: Available Discovered by: imei addmimistrator Risk Level: Mediume -Description- There is a security bug in most powerfull & common forum software vBulletin version 3.0.14 that allows attacker performe a XSS attack without any limitation. FOR MORE DETAILES VISIT ORIGINAL ADVISORIES
Current thread:
- vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit addmimistrator (Aug 05)