TUCoPS :: Web BBS :: Frequently Exploited :: b06-4055.htm

vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit
vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit
vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit


ORIGINAL ADVISORY:=0D
=0D
http://myimei.com/security/2006-07-24/vbulletin-3014-initphp-XSS-exploit.html=0D 
http://www.kapda.ir/advisory-397.html=0D 
=0D
VENDOR CREDIT:=0D
http://www.vbulletin.com/forum/showthread.php?t=194062=0D 
=97=97=96Summary=97=97=96=0D
Software: vBulletin=0D
Sowtware=92s Web Site: http://www.vBulletin.com=0D 
Versions: 3.0.14=0D
Exploit: Available=0D
Solution: Available=0D
Discovered by: imei addmimistrator=0D
Risk Level: Mediume=0D
=97=97-Description=97=97-=0D
There is a security bug in most powerfull & common forum software vBulletin version 3.0.14 that allows attacker performe a XSS attack without any limitation.=0D
=0D
FOR MORE DETAILES VISIT ORIGINAL ADVISORIES

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH