The Archive of Official vBulletin Modifications Site. It is not a VB3 engine, just a parsed copy!
#1
Security question
I just had a member demonstrate a security problem with vB4.2.0, and I'm sure it applies to other versions as well.

I had made the mistake of building an iframe BB code and thought I had it so you couldn't iframe a local page, but he demonstrated that you could use URL shortening to get around it, and use that to iframe a thread that had an iframe in it and create multiple layers of iframes. That problem is another issue, but what really got my attention is that he iframed profile.php and used GET values to try to set the user's ignore list to ignore one of the moderators. Well, you have to confirm when you add a user to your ignore list, so nothing happened. I checked profile.php and found this, starting on line 449:

PHP Code:

There are other suspicious parts of profile.php at lines 564, 1537, 4707, 222, and elsewhere. Is there any reason to use REQUEST instead of POST for these actions?
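As an added example (not code from the post above or from vBulletin itself), this shows the pattern the question is about: a handler that reads its action parameters from $_REQUEST accepts them from a plain GET request, such as an iframe's src URL, whereas one that reads only $_POST, checks the request method and verifies a per-session form token does not. The function names, the `action`/`target` parameters and the `formtoken` field are assumptions, not vBulletin's own.

```php
<?php
// Added example, not vBulletin code. All names (action/target parameters,
// the 'formtoken' field, the handler functions) are hypothetical.

// Weak: $_REQUEST merges GET, POST and COOKIE, so parameters delivered in an
// iframe's src URL reach this handler exactly as a submitted form would.
function addToIgnoreListWeak(array $request, array &$ignoreList): bool
{
    if (($request['action'] ?? '') !== 'ignore_add') {
        return false;
    }
    $ignoreList[] = (int) ($request['target'] ?? 0);
    return true;
}

// Hardened: consult only the POST body, require the POST method, and require
// the per-session form token that a cross-site page cannot know.
function addToIgnoreListHardened(string $method, array $post, string $sessionToken, array &$ignoreList): bool
{
    if ($method !== 'POST') {
        return false;   // a GET request, e.g. from an iframe src, stops here
    }
    if (!hash_equals($sessionToken, (string) ($post['formtoken'] ?? ''))) {
        return false;   // no token, or a token bound to a different session
    }
    if (($post['action'] ?? '') !== 'ignore_add') {
        return false;
    }
    $ignoreList[] = (int) ($post['target'] ?? 0);
    return true;
}

// Constructed requests: the same parameters once as a GET query (how an iframe
// delivers them) and once as a genuine form POST carrying the session token.
$sessionToken = bin2hex(random_bytes(16));   // stand-in for the token kept in the session
$queryParams  = ['action' => 'ignore_add', 'target' => '42'];
$formPost     = $queryParams + ['formtoken' => $sessionToken];

$list = [];
var_dump(addToIgnoreListWeak($queryParams, $list));                            // parameters from the query string
$list = [];
var_dump(addToIgnoreListHardened('GET', [], $sessionToken, $list));            // GET method, empty POST body
var_dump(addToIgnoreListHardened('POST', $queryParams, $sessionToken, $list)); // POST without the token
var_dump(addToIgnoreListHardened('POST', $formPost, $sessionToken, $list));    // POST with the session token
var_dump($list);
```

The confirmation step the post mentions is a second, independent safeguard; the method and token checks above are what keep a GET-driven iframe from reaching the action at all.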