<div><div style="margin:20px; margin-top:5px"> رمز PHP:
<div class="alt2"> <div dir="ltr" style="text-align:left;"> <span style="color: #000000"> vBulletin 3.8.2 adminCP Cross-Site Scripting
R.I.P DrtRp - We miss you
---------------------------------------------
Original Post at http://forum.aria-security.com/en/showthread.php?p=1179
Greetz to Aura & all Aria-Security Mods & Members
These were all tested on vbulletin 3.8.0 RC2 so other version may be effected.
1. Users Title. admincp/usertitle.php?do=modify. Add a new title. use the following code as title ****.
******************.write('')
or any other XSS code.
2.Post Icons. admincp/image.php?do=add&table=icon add new title.. give a wrong path such as /images/aria.gif. use the following code as title ****.
******************.write('')
3.Post new Smilies. image.php?do=add&table=smilie ... SAME AS #2. use the following code as title ****.
******************.write('')
4.New avatar. admincp/image.php?do=add&table=avatar Same as #2. dont forget the update. use the following code as title ****.
******************.write('
FeyvmDtd ksoi 3>8>2
09-27-2009, 04:21 AM
[ثغرة]في نسخه 3.8.2 
المواضيع المتشابهه 
العرض العادي
