During a blackbox test I found a few bugs in vBulletin 4.2.3. Below you will find a few details about them...
If you try to send this request with malformed input for the type parameter:
You should see an error message like the one presented below:
In the code (of subscriptions.php) you can find this:
On the other hand, you can also find another type of bug there - XSS:
Response in the source:
Another example (of payload) below (request/response):
The response looks like this:
Another place to check your SQL is here:
As far as I know this story will be assigned to CVE-2017-11607.
Cheers