17 thg 8, 2013
How To Hack vBulletin 4.1.10 Admin Control Panel
vBulletin 4.1.10 Vulnerability description:When a new name and password is entered in a form and the form is submitted, the browser
asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
.This vulnerability affects /admincp
.The impact of this vulnerability
.Possible sensitive information disclosure
Now I Will Tell You How To Hack Admin Cp
Mã:
vb_login_password
from form named loginform with
Mã:
action ../login.php?do=loginhas autocomplete enabled.
IN That Way You Could Do Sql Injection
Other Vulnerabilty Found Also
The HTML comments of this page contain configuration information for Microsoft Frontpage Server Extensions. The configuration information includes the Frontpage version and may help an attacker to learn more about his target.
This vulnerability affects
Mã:
/_vti_inf.html.To Attack It
example.com/admincp/_vti_inf.htmlOr Use That Way
Mã:
example.com/_vti_inf.html
![[Tutorial] XSS Bài 2: XSS Nâng cao + Bypass bộ lọc](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixEoUmpwXUmG6BwNUxkp2bx9LwFoIovVmTOD9ZZ_owzNehJ3jW-beXvaWzjpu7tCCpOzOkzIxz-wIwL9Dt8_YxyKl604U03Hd3Z1E3mlDvIB0u0IIf-WtvpXRfkgSv0Y9BzB9EkC6J0uI/s72-c/70.jpg)
Không có nhận xét nào:
Đăng nhận xét