vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection

Exploit Title: vBulletin vBSSO Single Sign-On – = 1.4.15 This plugin is vulnerable to SQL injection at the /vbsso/avatar.php file in the fetchUserinfo function. It requires a big UNION ALL SELECT query and commenting out the LIMIT function of SQL. If SQL injection is a success, the browser will...

vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion, SQL Injection & XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion, SQL Injection & XSS Date: January 8, 2015 Exploit Author: Technidev https://technidev.com Vendor Homepage: https://vbulletin.com Software Link:...

vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion SQL Injection Cross-Site Scripting

vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion SQL Injection Cross-Site Scripting Exploit Title: vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion, SQL Injection & XSS Date: January 8, 2015 Exploit Author: Technidev https://technidev.com Vendor Homepage: https://vbulletin.com Software...

vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting

Exploit Title: vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion, SQL Injection & XSS Date: January 8, 2015 Exploit Author: Technidev https://technidev.com Vendor Homepage: https://vbulletin.com Software Link: http://www.vbulletin.org/forum/showthread.php?t=256723 Version: 1.1.4 This plugin is...