OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
vBulletin 4.1.10 Sql Injection Vulnerabilitiy

Amiririst.ir
Date: Wed Apr 04 2012 - 10:50:34 CDT


a bug in vBulletin 4.1.10 that allows to us to occur
a Sql Injection on a Remote machin.

########################################################
#
# Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir
#
# Software Link : http://vbulletin.com
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork : "Powered By Vbulletin"
#
########################################################
#
# Expl0iTs :
#
# [TarGeT]/announcement.php?a=&announcementid=[Sql]
#
#########################################################
#
# Greats : Zarbat.Org - Aria-Security.Com - datacoders.org - black-hg.org
#
# Security7.ir - AjaxTm.Com - Sepehr-Team.Org And All Iranian Hackers
#
#########################################################