Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: Frequently Exploited :: c07-2512.htm

vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.



vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.
vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.



vBulletin=AE v3.6.5 has an xss vuln in admincp/index.php in rss feed .

exactlly in add rss url

by adding :  ">

a cool messege box appear with cookies ;)


earlier versions affected also .
-----------------------------------------------------------------------------
Discovered by meto5757


-----------------------------------------------------------------------------


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH