4 matches found
vBulletin 4.1 Add Administrator
vBulletin version 4.1 add new administrator remote proof of concept exploit that takes advantage of a flaw from 2013. ============================================================================================================================================= | Title : vBulletin 4.1 create new...
CVE-2013-6129
CVE-2013-6129 affects vBulletin 4.1 and 5. The install/upgrade.php component allows remote attackers to create administrative accounts by submitting crafted POST fields (customerid, htmldata[password], htmldata[confirmpassword], htmldata[email]); this was exploited in the wild in October 2013. Co...
CVE-2013-6129
creationtimestamp| type| source ---|---|--- 2013-10-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38785 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/vbulletinupgradeadmin.rb 2025-02-06 03:13:41+00:00|...
vBulletin Administrator Account Creation
This module abuses the "install/upgrade.php" component on vBulletin 4.1+ and 4.5+ to create a new administrator account, as exploited in the wild on October 2013. This module has been tested successfully on vBulletin 4.1.5 and 4.1.0. This module requires Metasploit: https://metasploit.com/downloa...