|
|
|
|||||||
| Computers & Information Technologies « Everything related to computers and internet. » |
 |
|
|
Share | Thread Tools | Search this Thread |
04-23-2007
|
#1 |
|
Registered Member
Last Online: 09-06-2011
Join Date: Oct 2006
Posts: 397
Thanks: 262
Thanked 215 Times in 87 Posts
Groans: 0
Groaned at 0 Times in 0 Posts
|
XSS In All The Versions Of Vbulletin
I Was Checking The Latest Exploits.
And I Found An Exploit For All The Versions Of Vbulletin! The Exploit Is Somehow Complicated, But It Will Allow You Steal Cookies Through XSS. Its Idea Is To Inject Somethings To A Spacer PNG Image Using The Perl Programming Language And Then Uploading It To The Site (Avatar For Example), Then Injecting The Evil Codes. I Didn't Apply This Exploit And I Didn't Read It All Because Of The Small Free Time. But I Think Vcoderz And Other Sites Were Hacked In This Way! ~!~ We Are HizbullaH Rockets On The Net ~!~
__________________
من؟ من سينزع سلاح حزب الله!؟
|
|
|
|
04-23-2007
|
#2 | |
|
Administrator
Last Online: 04-16-2018
Join Date: Dec 2005
Posts: 5,085
Thanks: 250
Thanked 3,555 Times in 2,245 Posts
Groans: 3
Groaned at 12 Times in 7 Posts
|
Re: XSS In All The Versions Of Vbulletin
Quote:
|
|
|
|
|
|
04-27-2007
|
#3 |
|
Registered Member
Last Online: 02-14-2010
Join Date: Mar 2006
Posts: 846
Thanks: 71
Thanked 293 Times in 217 Posts
Groans: 0
Groaned at 0 Times in 0 Posts
|
Re: XSS In All The Versions Of Vbulletin
double clarification: Vcoderz was hacked by me several times :P
Bas hizbullah uploading it as an avatar wont work, cuz images are parsed into bytes and inserted in vbulletin's database, and displayed not like normal images, so it wont work 
__________________
--Capitalisation is the only difference between "I helped my uncle Jack off a horse" and "I helped my uncle jack off a horse" !! http://img482.imageshack.us/img482/4889/hell7ta.jpg |
|
|
|
|
04-27-2007
|
#4 | |
|
Registered Member
Last Online: 04-15-2018
Join Date: Aug 2006
Posts: 1,549
Thanks: 31
Thanked 213 Times in 151 Posts
Groans: 0
Groaned at 1 Time in 1 Post
|
Re: XSS In All The Versions Of Vbulletin
Quote:
|
|
|
|
|
|
04-27-2007
|
#5 |
|
Registered Member
Last Online: 02-14-2010
Join Date: Mar 2006
Posts: 846
Thanks: 71
Thanked 293 Times in 217 Posts
Groans: 0
Groaned at 0 Times in 0 Posts
|
Re: XSS In All The Versions Of Vbulletin
both, anyway lets not drift off topic...
__________________
--Capitalisation is the only difference between "I helped my uncle Jack off a horse" and "I helped my uncle jack off a horse" !! http://img482.imageshack.us/img482/4889/hell7ta.jpg |
|
|
|
|
05-02-2007
|
#6 |
|
Registered Member
Last Online: 12-13-2007
Join Date: Jan 2007
Posts: 51
Thanks: 0
Thanked 3 Times in 2 Posts
Groans: 0
Groaned at 0 Times in 0 Posts
|
Re: XSS In All The Versions Of Vbulletin
ROFL :P
im not sure about that vb feature ur talking about. last time i checked, the Pictures are stored as is , and the link to them is in the DB, so they can be used. |
|
|
|
|
|
| Tags |
| vbulletin, versions, xss |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|
