Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12637
HistoryMay 11, 2006 - 12:00 a.m.

vbulletin security Alert

2006-05-1100:00:00
vulners.com
7
JSON

#----------------------------------------------------------
#Discovered by: Aura
#ARIA - SECURITY TEAM
#Gr33t to: O.U.T.L.A.W & R@1D3N & Smok3r
#-----------------------------------------------------------
» Vendor: Vbulletin

» Summary:
vbulletin is a powerfull Forum System

»Description

An administrator user may upload CSS Code that's obteining a phpshell ,and chose it from the vbulletin's
style choser. So when he chose it he will see the phpshell.

Here is an example of the css file
http://b3hr0uz.persiangig.com/VbStyleVuln.txt

in this file the xml obtein a phpshell so the user have to upload the xml file and then chose his style and
that's it .

Note : don't forget to chose ignore style version ( :P ) and also that you'll maybe think about this isn't a
bug actualy u can make your access to the server with stealling the administrator password

Discovered By Aria-Security Team (Aura - Outlaw - Rayden)

» Solution
No Solution . ( maybe by password protection from you cpanel)
contact: [email protected]

JSON