Tuesday, 02 February 2010

vBulletin 3.0.9 SQL-Injection

o SQL-Injection: (Fixed in vB 3.0.9)
===============

> /joinrequests.php:
POST:

> /admincp/user.php:
GET:
GET:

> /admincp/usertitle.php:
GET:

> /admincp/usertools.php:
GET:

o XSS: (Fixed in vB 3.0.9)
=====

> /admincp/css.php:
GET:

> /admincp/index.php:
GET:

> /admincp/user.php:
GET:

> /admincp/language.php:
GET:

> /admincp/modlog.php:
GET:

> /admincp/template.php:
GET:
GET:
GET:

o Arbitrary File Upload:
=======================

A user with access to the administrator panel (e.g. a (Co)Administrator) and
the privilege to add avatars/icons/smileys is able to upload arbitrary
files. An attacker is thereby able to execute commands in the context of
the web server.

> /admincp/image.php:
POST:
POST:
POST:

This issue is not addressed in vBulletin 3.0.9.
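As an added example that is neither the advisory's nor vBulletin's own code: a defensive upload check of the kind that stops an avatar/icon/smiley upload from accepting anything but a real image. The function name, the size cap and `$destDir` are assumptions for the demonstration.

```php
<?php
// Added example (not vBulletin code): validate an admin-uploaded avatar/icon/smiley
// before storing it. The function name, size cap and $destDir are assumptions.

// Returns the server-chosen file name on success, or throws on any rejection.
function store_image_upload(array $file, string $destDir): string
{
    // Permitted types, keyed by the IMAGETYPE_* constant that getimagesize()
    // derives from the file header, never by the user-supplied name or MIME.
    $allowed = [
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
    ];
    $maxBytes = 512 * 1024; // assumption: 512 KiB cap for avatars/icons

    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed with code ' . ($file['error'] ?? 'n/a'));
    }
    // Refuse anything that did not arrive through PHP's upload mechanism.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if (filesize($file['tmp_name']) > $maxBytes) {
        throw new RuntimeException('file too large');
    }
    // Decide the type from the image header; a .php or .gif.php name is irrelevant.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !isset($allowed[$info[2]])) {
        throw new RuntimeException('not a permitted image type');
    }
    // Cross-check with libmagic; a mismatch indicates a crafted or polyglot file.
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mime  = finfo_file($finfo, $file['tmp_name']);
    finfo_close($finfo);
    if ($mime !== $info['mime']) {
        throw new RuntimeException("mime mismatch: $mime vs {$info['mime']}");
    }
    // Server-chosen name and extension: no path separators, no double extensions.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$info[2]];
    $dest = rtrim($destDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644); // never executable
    return $name;
}
```

The second layer is serving the upload directory with script execution disabled in the web server configuration, so a file that slips past the checks is still only ever delivered as static content.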

o Unpatched Bugs:
================

> /modcp/announcement.php:
POST: &announcement[0]=[SQL-Injection]

> /modcp/user.php:
GET:

There are still a lot of security-related bugs in the administrator
panel of the vBulletin software. An authorized user could elevate his
privileges and read sensitive data.

> /admincp/admincalendar.php:
POST: calendar[0]=[SQL-Injection]
POST:

> /admincp/cronlog.php:
POST:
POST:

> /admincp/email.php:
POST:

> /admincp/help.php:
POST:

> /admincp/language.php:
POST:

> /admincp/phrase.php:
POST:

> /admincp/usertools.php:
POST:

Even a privileged user should not be able to add posts, titles,
announcements etc. containing HTML/JavaScript code.

> Not properly filtered: (XSS)

================================================

Source from Turkish Hacker

================================================
