vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Exploit on vbulletin4 (https://vborg.vbsupport.ru/showthread.php?t=319756)

Duckface 08-06-2015 02:25 PM
Exploit on vbulletin4
 
Wth, a member just made a post like this:

http://spawnscape614.co.uk/forums/sh...this-is-a-test)

I checked the code and it seems that this has been added into the actual post:

HTML Code:
<meta name="keywords" content="http://images.sky-map.org/star_image/000/000073.jpeg, click" />
 <meta name="description" content="http://images.sky-map.org/star_image/000/000073.jpeg" />

 <title> CLICK ME (this is a test)</title>
 <link rel="canonical" href="showthread.php?3383-CLICK-ME-(this-is-a-test)" /
How has the user done that to his threads?

Could anyone please help me, thanks.

--------------- Added [DATE]1438878988[/DATE] at [TIME]1438878988[/TIME] ---------------

I found what it is, if a user does this:

HTML Code:
[img]https://vborg.vbsupport.ru/external/2015/08/4.jpeg[/img]
--------------- Added [DATE]1438879049[/DATE] at [TIME]1438879049[/TIME] ---------------

https://vborg.vbsupport.ru/external/2015/08/27.jpg

Lynne 08-06-2015 02:38 PM
I'm not sure what it is you are asking about. The user made a post with an image. The meta tags are created from the post. So, the meta tags have that image link in them. Is that what you are trying to point out?


All times are GMT. The time now is 11:44 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00977 seconds
  • Memory Usage 1,713KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_html_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete