Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26462
HistoryJun 03, 2011 - 12:00 a.m.

[CVE-ID REQUEST] vBulletin - Multiple Open Redirects

2011-06-0300:00:00
vulners.com
24
JSON

Product: vBulletin
Version: 3 - 4.1.3
Release Date: 06/02/2011
Risk: Low
Authentication: Not required to exploit.
Remote: Yes

Description:
Multiple Open Redirect vulnerabilities in vBulletin version 4.1.3 and below allow remote
attackers to redirect users to arbitrary web sites and conduct phishing attacks via the "url"
parameter. By appending ?url=http://attackersite.com any number of pages, the user will be
redirected to a potentially dangerous site. This is particularly interesting when used on the
registration form or the password reset form.

Exploit Example:
http://forum.pwndshop.com/register.php?do=checkdate&url=http://attackersite.com

Vendor Notified: Yes

Reference:
http://www.vbulletin.com/forum/showthread.php/381014-Potential-Phishing-Vector?p=2166441
https://www.owasp.org/index.php/Open_redirect

Credit:

Robert Gilbert
Senior Consultant
HALOCK Security Labs, Purpose Driven Security(tm)
rgilbert [-at-] halock [-dot-] com
http://www.halock.com
http://blog.halock.com

Note: This message (including any attachments) is intended only for the use of the individual
or entity to which it is addressed and may contain information that is non-public, proprietary,
privileged, and/or confidential. If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this communication is strictly
prohibited. If you have received this communication in error, please notify us immediately by
telephone and delete this message immediately.

JSON