Lucene search
K

11 matches found

Packet Storm
Packet Storm
added 2025/06/09 12:0 a.m.92 views

📄 vBulletin 4.x movepm PHP Object Injection

In vBulletin 4.x, a flawed security patch from 2014 has introduced a new post-auth PHP object injection vector by replacing serialize with jsonencode — ironically making it possible to get vBulletin to sign attacker-controlled base64-encoded payloads, potentially allowing users to perform remote...

8.6AI score
Exploits0
OpenVAS
OpenVAS
added 2014/11/27 12:0 a.m.34 views

Tapatalk < 5.2.2 Blind SQLi Vulnerability

Tapatalk is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tapatalk:tapatalk"; if...

9.8CVSS9.8AI score0.04145EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2014/10/28 12:0 a.m.27 views

Tapatalk for vBulletin 4.x - Blind SQL Injection

!/usr/bin/env python -- coding: utf-8 -- ''' @author: tintinweb 0x721427D8 ''' import urllib2, urllib import xmlrpclib,re, urllib2,string,itertools,time from distutils.version import LooseVersion class Exploitobject: def initself, target, debug=0 : self.stopwatchstart=time.time self.target = targ...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/10/28 12:0 a.m.29 views

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164 Author: Dave FW/...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/10/13 12:0 a.m.69 views

vBulletin 4.x SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API post-auth ============================================================================ == Overview - -------- date : 10/12/2014 cvss : 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C base cwe : 89 vend...

7.1CVSS0.3AI score0.04145EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/10/12 12:0 a.m.55 views

vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection

CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API post-auth ============================================================================== Overview -------- date : 10/12/2014 cvss : 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C base cwe : 89 vendor : vBulletin Solutions product : vBulletin 4...

7.1CVSS9.6AI score0.02712EPSS
Exploits4
Packet Storm
Packet Storm
added 2014/10/12 12:0 a.m.54 views

vBulletin 5.x / 4.x Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ============================================================================ ==================== Overview - -------- date : 10/12/2014 cvss : 4.6...

3.5CVSS9.6AI score0.04145EPSS
Exploits7
exploitpack
exploitpack
added 2014/09/20 12:0 a.m.27 views

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164...

0.3AI score
Exploits0
0day.today
0day.today
added 2014/09/03 12:0 a.m.101 views

Easy Forms for vBulletin 4.X - Upload Shell Code / Remote Code Execute

Easy Forms vBuletin 4.x have suffers from a remote code execute and upload shell code. This is private exploit. You can buy it at https://0day.today...

7.9AI score
Exploits0
myhack58
myhack58
added 2012/12/13 12:0 a.m.13 views

vBulletin 3. x / 4. x AjaxReg SQL injection and fix-vulnerability warning-the black bar safety net

!/ usr/bin/php ? vBulletin 3. x/4. x AjaxReg remote Blind SQL Injection Exploit https://lh3.googleusercontent.com/-4HcW64E57CI/ULWN9mDnK8I/AAAAAAAAABo/cc0UA9eVak/s640/11-26-2012%25206-02-5s3%2520AM.png livedemo : http://www.youtube.com/watch?v=LlKaYyJxH7E check it :...

8.5AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/25 3:37 p.m.6 views

Security Alert : vBulletin 4.X Security SQL Injection & CSRF/XSRF Exploits available !

Security Alert : vBulletin 4.X - SQL Injection & CSRF/XSRF Exploits available ! Two Serious Security Flaws are detected in vBulletin 4.X Versions and also their Security SQL Injection & CSRF/XSRF Exploits are now also available. Impact of these Flaws: Lots of big Forums are on vBulletin 4.X...

8AI score
Exploits0
Rows per page
Query Builder