vBulletin vBay <= 1.1.9 - Error-Based SQL Injection

No description provided by source. !/usr/bin/env python -W ignore::DeprecationWarning VBay = 1.1.9 - Remote Error based SQL Injection Author: Dan UK Contact: http://www.hackforums.net/member.php?action=profile&uid=817599 Date: 10/11/12 DETAILS Among a couple of other unsanitized parameters used...

vBulletin vBay <=1.1.9 Error-Based SQL Injection

Exploit for php platform in category web applications !/usr/bin/env python -W ignore::DeprecationWarning """ VBay input variable "type" being assigned with the datatype NOHTML. Using this data type allows malicious attacks to still be executed. At line 448, it is used within the insert into...

vBulletin vBay 11.9 SQL Injection

!/usr/bin/env python -W ignore::DeprecationWarning """ VBay input variable "type" being assigned with the datatype NOHTML. Using this data type allows malicious attacks to still be executed. At line 448, it is used within the insert into statement, without any sanitization. POC - You will need to...

vBulletin vBay 1.1.9 - Error-Based SQL Injection

vBulletin vBay 1.1.9 - Error-Based SQL Injection !/usr/bin/env python -W ignore::DeprecationWarning """ VBay input variable "type" being assigned with the datatype NOHTML. Using this data type allows malicious attacks to still be executed. At line 448, it is used within the insert into statement,...