Vendor: Radio and TV Add-on
By: d3v1l [Avram Marius]
CVSS: 7,5 (HIGH)
Vulnerability type: XSS, Iframe injection and Redirect
CWE: 79, 94, 601
Product Name: Radio and TV Add-on
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2009

vBulletin Radio and TV Player Add-On (all versions) – XSS, Iframe injection and Redirect Vulnerability

This vulnerability allows an attacker to inject malicious code into the vulnerable application through the station name and URL fields that registered users can submit. The injected code can redirect users to malicious websites, inject iframes, or execute arbitrary JavaScript in visitors' browsers.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in the application.
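
One way to apply this mitigation to the station name and URL fields, as an added example (not the add-on's own code). It assumes both stored values are echoed into HTML when a station page is rendered; every function name below is hypothetical.

```php
<?php
// Added example for PHP 7.1+. Helper names are hypothetical, not from the add-on.

// Validate on input: accept only absolute http(s) URLs without markup characters.
function validate_station_url(string $url): ?string
{
    $url = trim($url);
    if ($url === '' || strlen($url) > 2048) {
        return null;
    }
    // Reject whitespace, control characters, quotes and angle brackets outright.
    if (preg_match('/[\x00-\x20"\'<>\x7f]/', $url)) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
        return null;
    }
    // Scheme allow-list blocks javascript:, data:, vbscript: and similar.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

// Encode on output: every stored value is HTML-escaped where it is printed.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_station(string $name, string $url): string
{
    $safeUrl = validate_station_url($url);
    if ($safeUrl === null) {
        // Never emit an unvalidated URL into an href or src attribute.
        return '<p class="station">' . e($name) . ' (stream unavailable)</p>';
    }
    return '<p class="station"><a href="' . e($safeUrl)
        . '" rel="noopener noreferrer">' . e($name) . '</a></p>';
}

// Constructed inputs: the markup string from the advisory and a benign station.
$markup = '"><script>alert(String.fromCharCode(88,83,83))</script>';
echo render_station($markup, $markup), "\n";    // name shown as inert text, URL rejected
echo render_station('Jazz FM', 'https://stream.example.org/jazz'), "\n";
```

Validation at submission time and encoding at render time are both needed: encoding alone would still let a `javascript:` URL through as a clickable link, and validation alone does not protect records already stored.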

Exploit-DB raw data:

vBulletin Radio and TV Player Add-On (all versions) - XSS, Iframe injection and Redirect Vulnerability

About:- 

Radio and TV Add-on will add a radio and TV library to your forum.

Features:- 

- Users can add / delete / edit own stations

For more info about this plugin See - http://www.vbulletin.org/forum/showthread.php?t=152037&page=2 

Note:-  
 
- To exploit this bug you need to be registered! After you are registered you can add a new radio station
  where the station name can be "><script>alert(String.fromCharCode(88,83,83))</script>
  and the URL "><script>alert(String.fromCharCode(88,83,83))</script>
 

Poc: XSS 

http://www.musicadigitale.net/forum/radioandtv.php?station=92 
 
Poc: Iframe 
 
http://www.musicadigitale.net/forum/radioandtv.php?station=93 
 
Poc: Redirect 
 
http://www.musicadigitale.net/forum/radioandtv.php?station=94

dorks:- inurl:radioandtv.php 

Bug found by d3v1l [Avram Marius]
 
Date: 14.06.2009 

# milw0rm.com [2009-06-15]