[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

vBulletin 4.1.10 Sql Injection Vulnerabilitiy

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: vBulletin 4.1.10 Sql Injection Vulnerabilitiy
From: Amir@xxxxxxxx
Date: Wed, 4 Apr 2012 15:50:34 GMT

a bug in vBulletin 4.1.10 that allows to us to occur
a Sql Injection on a Remote machin.




########################################################
#
# Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy
#
# Author        : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home          : http://IrIsT.Ir
#
# Software Link : http://vbulletin.com
#
# Security Risk : High
#
# Version       : All Version
#
# Tested on     : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork          : "Powered By Vbulletin"
#
########################################################
#
#  Expl0iTs :
#
#  [TarGeT]/announcement.php?a=&announcementid=[Sql]
#
#########################################################
#
# Greats : Zarbat.Org - Aria-Security.Com - datacoders.org - black-hg.org
# 
#     Security7.ir - AjaxTm.Com - Sepehr-Team.Org And All Iranian Hackers
#
#########################################################

Prev by Date: Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite
Next by Date: Sony Bravia Remote Denial of Service - CVE-2012-2210
Previous by thread: Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite
Next by thread: Sony Bravia Remote Denial of Service - CVE-2012-2210
Index(es):
- Date
- Thread