|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
XSS in Vbulletin 3.6.0 in IE 0nly
Stefan
dakotacom.net
Date: Thu Aug 03 2006 - 17:44:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
---------------------------------
XSS in Vbulletin 3.6.0 in IE 0nly
---------------------------------
Author: Stefan
Email: stefandakotacom.net
Group: EnigmaGroup
---------------------------------
Vulnerable: vbulletin 3.5.4 in IE
Vulnerable: vbulletin 3.6.0 in IE
---------------------------------
Javascript may be executed by
saving code as .pdf and uploading
as attachment.This only works in IE
-----------------------------------
Poc: http://www.xandith.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]