exploit the possibilities

vBulletin 5.1.3 Cross Site Scripting

vBulletin 5.1.3 Cross Site Scripting
Posted Feb 13, 2015
Authored by Jing Wang

vBulletin versions 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-9469
MD5 | b906d8cce76417069dca0ccbac684490

vBulletin 5.1.3 Cross Site Scripting

Change Mirror Download
*CVE-2014-9469  vBulletin XSS (Cross-Site Scripting) Security
Vulnerabilities*


Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3 4.2.2
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]





*Advisory Details:*

*(1) Vendor & Product Description:*

*Vendor:*
vBulletin


*Product & Version: *
vBulletin Forum
5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4


*Vendor URL & Download: *
vBulletin can be downloaded from here,
https://www.vbulletin.com/purchases/


*Product Introduction:*
"vBulletin (vB) is a proprietary Internet forum software package developed
by vBulletin Solutions, Inc., a division of Internet Brands. It is written
in PHP and uses a MySQL database server."

"Since the initial release of the vBulletin forum product in 2000, there
have been many changes and improvements. Below is a list of the major
revisions and some of the changes they introduced. The current production
version is 3.8.7, 4.2.2, and 5.1.3."




*(2) Vulnerability Details:*
vBulletin has a security problem. It can be exploited by XSS attacks.

*(2.1) *The vulnerability occurs at "forum/help" page. Add "hash symbol"
first. Then add script at the end of it.






*References:*
http://tetraph.com/security/cves/cve-2014-9469-vbulletin-xss-cross-site-scripting-security-vulnerabilities/
http://securityrelated.blogspot.com/2015/02/cve-2014-9469-vbulletin-xss-cross-site.html
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9469
https://security-tracker.debian.org/tracker/CVE-2014-9469
http://www.cvedetails.com/cve/CVE-2014-9469/
http://www.security-database.com/detail.php?alert=CVE-2014-9469
http://packetstormsecurity.com/files/cve/CVE-2014-9469
http://www.pentest.it/cve-2014-9469.html
http://www.naked-security.com/cve/CVE-2014-9469/
http://www.inzeed.com/kaleidoscope/cves/cve-2014-9469/
http://007software.net/cve-2014-9469/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/cve-2014-9469/
https://computertechhut.wordpress.com/2015/02/12/cve-2014-9469/
https://security-tracker.debian.org/tracker/CVE-2014-9469






--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing


Login or Register to add favorites

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    8 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close