Lucene search
+L

15 matches found

nuclei
nuclei
added 2 days ago347 views

vBulletin <= 4.2.3 - SQL Injection

vBulletin versions 3.6.0 through 4.2.3 are vulnerable to an SQL injection vulnerability in the vBulletin core forumrunner addon. The vulnerability allows an attacker to execute arbitrary SQL queries and potentially access sensitive information from the database. id: CVE-2016-6195 info: name:...

9.8CVSS7.2AI score0.68493EPSS
Exploits7References5
bdu_fstec
bdu_fstec
added 2025/07/02 12:0 a.m.8 views

The vulnerability of the forumrunner component in the vBulletin commercial web forum allows a hacker to perform an SSRF attack.

The vulnerability of the forumrunner component in the vBulletin commercial web forum is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

7.8CVSS5.5AI score
Exploits0
dsquare
dsquare
added 2016/12/01 12:0 a.m.96 views

vBulletin 4 ForumRunner SQL Injection

SQL Injection vulnerability in vBulletin 4 postids parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

7.5CVSS1AI score0.68493EPSS
Exploits7
packetstorm
packetstorm
added 2016/11/11 12:0 a.m.288 views

vBulletin 4.2.3 SQL Injection

Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Tested At : Indishell Laboriginally develop...

7.5CVSS0.4AI score0.68493EPSS
Exploits7
zdt
zdt
added 2016/11/11 12:0 a.m.144 views

vBulletin 4.2.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and...

7.5CVSS9.2AI score0.68493EPSS
Exploits7
cnvd
cnvd
added 2016/08/31 12:0 a.m.79 views

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

9.8CVSS9.9AI score0.68493EPSS
Exploits7References1
osv
osv
added 2016/08/30 7:59 p.m.17 views

CVE-2016-6195

SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...

9.8CVSS7.6AI score0.68493EPSS
Exploits7References4
prion
prion
added 2016/08/30 7:59 p.m.20 views

Sql injection

SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...

7.5CVSS8.9AI score0.68493EPSS
Exploits7References4Affected Software1
cve
cve
added 2016/08/30 7:0 p.m.143 views

CVE-2016-6195

CVE-2016-6195 affects the vBulletin core ForumRunner addon (versions 3.6.0–4.2.3) via the postids parameter to forumrunner/request.php, enabling remote SQL injection. Root cause: improper handling in ForumRunner leading to arbitrary SQL execution. Impact: potential data exposure and compromise of...

9.8CVSS9.9AI score0.68493EPSS
Exploits7References4Affected Software1
vulncheck_kev
vulncheck_kev
added 2016/08/30 12:0 a.m.4 views

VulnCheck KEV: CVE-2016-6195

SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...

9.8CVSS7.7AI score0.68493EPSS
Exploits7References1
seebug
seebug
added 2016/08/30 12:0 a.m.458 views

vBulletin /forumrunner/request.php SQL injection vulnerability

Author: janesknow Chong Yu 404 security lab Date: 2016-11-15 Vulnerability overview Vulnerability description vBulletin is a commercial Forum application, using PHP language, researchers have found that the VBulletin core plug-in forumrunner presence of SQL injection vulnerabilities: CVE-2016-619...

7.5CVSS9.8AI score0.68493EPSS
Exploits7
openvas
openvas
added 2016/07/24 12:0 a.m.251 views

vBulletin 3.6.x to 4.2.2/4.2.3 Forumrunner 'request.php' SQLi Vulnerability - Active Check

The vBulletin core forumrunner addon enabled by default is affected by an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

9.8CVSS10AI score0.68493EPSS
Exploits7References3
exploitpack
exploitpack
added 2015/08/25 12:0 a.m.169 views

vBulletin 3.6.0 4.2.3 - ForumRunner SQL Injection

vBulletin 3.6.0 4.2.3 - ForumRunner SQL Injection Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu...

7.5CVSS0.6AI score0.68493EPSS
Exploits7
exploitdb
exploitdb
added 2015/08/25 12:0 a.m.246 views

vBulletin 3.6.0 &lt; 4.2.3 - &#039;ForumRunner&#039; SQL Injection

Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Tested At : Indishell Laboriginally develop...

9.8CVSS9.6AI score0.68493EPSS
Exploits7
zdt
zdt
added 2012/12/03 12:0 a.m.83 views

vBulletin 4.2.0 Full Path Disclosure Vulnerability

Exploit for php platform in category web applications The Full Path Disclosure is vBulletin 4.2.0, in forumrunner. With Full Path Disclosure you can get the path to the forum you're in and also most of the times is the same cpanel's username. To see it go to:...

7.1AI score
Exploits0
Rows per page
Query Builder