Patching the XSS vulnerability in version 3.7.1

  1. #1
    Avatar: Bakenam
    Status: Offline
    Member no.: 350
    Join date: Nov 2008
    Country: his heart, his eyes, his soul
    Posts: 11,390
    Rating: 20
    Level rating average: 27



    After confirmation by the site of the

    that there is an XSS vulnerability in some of the files of versions 3.7.1 and 3.6.10,

    I advise everyone first to upgrade to the latest release, 3.7.1, and then to install the patch that closes the vulnerability.

    Anyone who would rather close it by hand can apply the instructions below, or download the attached file, which I have already patched and which is ready for version 3.7.1.

    All you have to do is replace the functions.php file and the version_vbulletin.php file inside the includes folder,
    and also replace the index.php file inside the admincp folder.

    The patched, ready-to-use files are at the end of the topic for anyone who does not want the hassle.



    :+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+:+



    Patching the index.php file in the admincp folder

    Find:

    PHP code:
        $redirect = htmlspecialchars_uni(fetch_replaced_session_url($vbulletin->GPC['redirect']));

    Replace it with the following:

    PHP code:
        $redirect = htmlspecialchars_uni(fetch_replaced_session_url($vbulletin->GPC['redirect']));
        // anchor the value to a full URL
        $redirect = create_full_url($redirect);
        // turn every form of ';' (decimal entity, hex entity, literal) into %3B
        $redirect = preg_replace(
            array('/&#0*59;?/', '/&#x0*3B;?/i', '#;#'),
            '%3B',
            $redirect
        );
        $redirect = preg_replace('#&amp%3B#i', '&', $redirect);



    Also in the same index.php in the admincp folder

    Find:

    PHP code:
        $mainframe = "<frame src=\"" . iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), $vbulletin->GPC['loc'], "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home") . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";

    Replace it with the following:

    PHP code:
        $mainframe = "<frame src=\"" . iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), create_full_url($vbulletin->GPC['loc']), "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home") . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";



    Patching the functions.php file in the includes folder

    Find the line:

    PHP code:
        if (!preg_match('#^[a-z]+://#i', $url))

    Replace it with the following:

    PHP code:
        if (!preg_match('#^[a-z]+(?<!about|javascript|vbscript|data)://#i', $url))


    Also in the same functions.php file in the includes folder

    Find:

    PHP code:
                            $modcache["$userid"]["$do"] = 1;
                            break;
                        }
                    }
                    else
                    {
                        $modcache["$userid"]["$do"] = 1;
                        break;
                    }

    Replace it with the following:

    PHP code:
                            $modcache["$userid"]["$do"] = 1;
                        }
                    }
                    else
                    {
                        $modcache["$userid"]["$do"] = 1;
                    }


    In the version_vbulletin.php file in the includes folder

    Find:

    PHP code:
        define('FILE_VERSION_VBULLETIN', '');

    Replace it with the following:

    PHP code:
        define('FILE_VERSION_VBULLETIN', '3.7.1 Patch Level 1');


    Good luck to everyone.


    Original topic: Patching the XSS vulnerability in version 3.7.1 || Author: Bakenam || Source: Bany Star forums
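
An added illustration, not part of Bakenam's post and not vBulletin code: a stand-alone PHP script showing what the edits above change for the `redirect` and `loc` values. `make_absolute()` is a hypothetical stand-in for `create_full_url()`, `BASE` and the sample values are constructed, and `htmlspecialchars()` with `double_encode` off stands in for `htmlspecialchars_uni()` on the assumption that it leaves existing numeric entities intact.

```php
<?php
// Added example. BASE is a constructed forum address.
const BASE = 'http://forum.example/admincp/';

// Scheme test before and after the functions.php edit.
const OLD_CHECK = '#^[a-z]+://#i';
const NEW_CHECK = '#^[a-z]+(?<!about|javascript|vbscript|data)://#i';

// Hypothetical stand-in for create_full_url(): a value that does not start
// with an accepted "scheme://" is treated as relative and anchored to BASE.
function make_absolute(string $url, string $check): string
{
    return preg_match($check, $url) ? $url : BASE . ltrim($url, '/');
}

// The steps applied to $redirect in the patched admincp/index.php.
function clean_redirect(string $raw): string
{
    // Assumption: like htmlspecialchars_uni(), keep existing entities as they are.
    $r = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8', false);
    $r = make_absolute($r, NEW_CHECK);
    // Every spelling of ';' (decimal entity, hex entity, literal) becomes %3B.
    $r = preg_replace(array('/&#0*59;?/', '/&#x0*3B;?/i', '#;#'), '%3B', $r);
    // The '&amp;' produced by escaping lost its ';' above; restore it as on the page.
    return preg_replace('#&amp%3B#i', '&', $r);
}

// Constructed sample values: two ordinary ones, two with schemes the patch excludes.
$samples = array('index.php?do=home', 'https://forum.example/x', 'javascript://x', 'data://x');

foreach ($samples as $s) {
    printf(
        "%-24s old: %-44s new: %s\n",
        $s,
        make_absolute($s, OLD_CHECK),
        make_absolute($s, NEW_CHECK)
    );
}

// A value carrying ';' in literal and entity form.
echo clean_redirect('index.php?a=1&b=2;c&#59;d'), "\n";
```

With the old pattern the last two samples pass through unchanged because they look like absolute URLs; with the patched pattern they are anchored under the forum's own address like any relative path.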








  2. #2
    Avatar: Danna
    Status: Offline
    Member no.: 377
    Join date: Dec 2008
    Posts: 2,153
    Rating: 10
    Level rating average: 18


    Peace be upon you, and the mercy and blessings of God.

    Thank you for the topic; your topics are always valuable and distinctive.


    May you always have success. Looking forward to more of your topics that benefit every reader,

    especially the topics that carry a message whose content holds value everyone can benefit from,

    even if it is only a line or a picture.

    That is what we are always used to seeing from you; may you always excel and shine.







 
