3 matches found
vBulletin 3.6.4 - inlinemod.php?postids SQL Injection
vBulletin 3.6.4 - inlinemod.php?postids SQL Injection input-cleanarraygpc'p', array 'postids' = TYPESTR, ; $postids = exp...
vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit
No description provided by source. ?php printr' ----------------------------------------------------------------------------- vBulletin = 3.6.4 inlinemod.php "postids" sql injection / privilege escalation by session hijacking exploit by rgod mail: retrog at alice dot it site:...
vBulletin v3.5.4: HTTP Response Splitting
Здравствуйте, vuln. Уязвимость в параметре url скрипта inlinemod.php при POST-запросе: зарегистрированный пользователь может редактировать http-ответ. ПРИМЕР: POST /vb354/inlinemod.php HTTP/1.0 Cookie: bbpassword=a5c3d9e61bcb8dea99105143c772bcd9; bbuserid=1 Content-Length: 93 Accept: /...