Jump to content
Sign in to follow this  
Aerosol

vBulletin 5.1.3 Cross Site Scripting

Recommended Posts

*CVE-2014-9469  vBulletin XSS (Cross-Site Scripting) Security
Vulnerabilities*


Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3 4.2.2
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]





*Advisory Details:*

*(1) Vendor & Product Description:*

*Vendor:*
vBulletin


*Product & Version: *
vBulletin Forum
5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4


*Vendor URL & Download: *
vBulletin can be downloaded from here,
https://www.vbulletin.com/purchases/


*Product Introduction:*
"vBulletin (vB) is a proprietary Internet forum software package developed
by vBulletin Solutions, Inc., a division of Internet Brands. It is written
in PHP and uses a MySQL database server."

"Since the initial release of the vBulletin forum product in 2000, there
have been many changes and improvements. Below is a list of the major
revisions and some of the changes they introduced. The current production
version is 3.8.7, 4.2.2, and 5.1.3."




*(2) Vulnerability Details:*
vBulletin has a security problem. It can be exploited by XSS attacks.

*(2.1) *The vulnerability occurs at "forum/help" page. Add "hash symbol"
first. Then add script at the end of it.






*References:*
http://tetraph.com/security/cves/cve-2014-9469-vbulletin-xss-cross-site-scripting-security-vulnerabilities/
http://securityrelated.blogspot.com/2015/02/cve-2014-9469-vbulletin-xss-cross-site.html
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9469
https://security-tracker.debian.org/tracker/CVE-2014-9469
http://www.cvedetails.com/cve/CVE-2014-9469/
http://www.security-database.com/detail.php?alert=CVE-2014-9469
http://packetstormsecurity.com/files/cve/CVE-2014-9469
http://www.pentest.it/cve-2014-9469.html
http://www.naked-security.com/cve/CVE-2014-9469/
http://www.inzeed.com/kaleidoscope/cves/cve-2014-9469/
http://007software.net/cve-2014-9469/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/cve-2014-9469/
https://computertechhut.wordpress.com/2015/02/12/cve-2014-9469/
https://security-tracker.debian.org/tracker/CVE-2014-9469






--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing

Source

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...