wtorek, 25 lipca 2017

Few bugs in vBulletin 4.2.3

During one blackbox testing I found few bugs in vBulletin 4.2.3. Below you will find few details about it...

If you will try to send this request with malformed input for type parameter:

You should see error message like the one presented below:

In the code (of subscriptions.php) you can find this:


In other hand you can also find there another type of bug - XSS:

Response in the source:

Another example (of payload) below (request/response):






Response looks like this:



Another place to check your SQL is here:


As far as I know this story will be assigned to CVE-2017-11607.

Cheers

Brak komentarzy:

Prześlij komentarz