loaep
Customer
# Exploit Title: vBshop persistent XSS 0day
# Google Dork: "DragonByte Technologies Ltd" vbshout
# Date: 25/3/2012 9:32 PM #EST
# Author: ToiL
# Software Link: http://www.dragonbyte-tech.com/
# Version: all
# Tested on: all
# CVE : XSS
#Greeting from Team Odyessy.
#Today we will release a 0day for the vBulletin mod, vBShout.
#This 0day exploit is brought to you by www.Bugabuse.net/
#Have fun, And happy exploiting.
######Guide########
*Instructions removed for obvious reasons - Report is appreciated =)*
(I am ToiL)
Hope you fix it soon.
---------- Post added at 11:23 ---------- Previous post was at 10:38 ----------
And to all who want to fix it temp.
Do this:
Remove: <div class="td blockrow" style="font-size:{vb:stylevar small_fontSize};">
<vb:if condition="$feature['description']">{vb:raw feature.description}</vb:if>
<vb:if condition="$feature['description']"><br /></vb:if><span style="white-space:nowrap;">{vb:raw phrase}</span>
</div>
from dbtech_vbshop_memberinfo_purchasebit in styles
# Google Dork: "DragonByte Technologies Ltd" vbshout
# Date: 25/3/2012 9:32 PM #EST
# Author: ToiL
# Software Link: http://www.dragonbyte-tech.com/
# Version: all
# Tested on: all
# CVE : XSS
#Greeting from Team Odyessy.
#Today we will release a 0day for the vBulletin mod, vBShout.
#This 0day exploit is brought to you by www.Bugabuse.net/
#Have fun, And happy exploiting.
######Guide########
*Instructions removed for obvious reasons - Report is appreciated =)*
(I am ToiL)
Hope you fix it soon.
---------- Post added at 11:23 ---------- Previous post was at 10:38 ----------
And to all who want to fix it temp.
Do this:
Remove: <div class="td blockrow" style="font-size:{vb:stylevar small_fontSize};">
<vb:if condition="$feature['description']">{vb:raw feature.description}</vb:if>
<vb:if condition="$feature['description']"><br /></vb:if><span style="white-space:nowrap;">{vb:raw phrase}</span>
</div>
from dbtech_vbshop_memberinfo_purchasebit in styles
Last edited by a moderator: