Posts

Showing posts from December, 2013

Cross Site Scripting ( XSS - Stored ) vulnerability in vBulletin SEO Plugin vBSEO

Exploit Title: Cross Site Scripting (XSS - Stored) vulnerability in vBulletin SEO Plugin vBSEO.
Found By: Yogesh Jaygadkar | http://www.jaygadkar.com/
Tested versions: vBSEO 3.2.0 & vBSEO 3.6.0
Tested with: vBulletin 4.0.6 & vBulletin 4.2.1
Vulnerable POST Parameter: sendtrackbacks

The vBSEO Plugin for vBulletin contains a flaw that allows a stored cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'sendtrackbacks' parameter upon submission to the /forum/newreply.php & /forum/newthread.php scripts. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

POC:
http://www.VictimVBForum.com/forum/newreply.php?do=postreply&t=[Thread ID]
http://www.VictimVBForum.com/forum/newthread.php?do=newthread&f =

In Advanced Reply Or New Thread page, Put your ">vec...

PayPal : User Credit Card Information Disclosure

Okay... So, here is another old & duplicate bug from PayPal, which I reported looooong back. I have found some strange results of api-3t.sandbox.paypal.com. This subdomain is storing all credit card information of PayPal users in the URL. Below is the Google dork for finding such “stored” CC details.

Google Dork: site:sandbox.paypal.com inurl:CVV2=

Google results are not much, nearly 80, but still harmful as sensitive user information is getting leaked.