Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web BBS :: Frequently Exploited :: hack3691.htm

vBulletin HTML Injection Vuln
vBulletin HTML Injection Vuln

 Advisory Name : vBulletin HTML Injection Vulnerability

  Release Date : June 24,2004 

   Application : vBulletin

       Test On : 3.0.1 or others?

        Vendor : Jelsoft( 

      Discover : Cheng Peng Su(



     From vendor's website ,it says that ,vBulletin is a powerful, scalable and 

 fully customizable forums package for your web site. It has been written using

 the Web's quickest-growing scripting language; PHP, and is complimented with a

 highly efficient and ultra fast back-end database engine built using MySQL.

Proof of concept:

     While a user is previewing the post , both newreply.php and newthread.php 

 do sanitize the input in 'Preview',but not Edit-panel,malicious code can be 

 injected thru this flaw.



     A page as below can lead visitor to a Preview page which contains XSS code.



action="http://host/newreply.php" name="vbform" method="post" style='visibility:hidden'>
<script>; </script> -----------------------------End----------------------------- Solution: vBulletin Team will release a patch or a fixed version as soon as possible. Contact: Cheng Peng Su Class 1,Senior 2,High school attached to Wuhan University Wuhan,Hubei,China

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH