vBulletin 4.1.10 Sql Injection Vulnerabilitiy

2012-04-09T00:00:00
ID SECURITYVULNS:DOC:27884
Type securityvulns
Reporter Securityvulns
Modified 2012-04-09T00:00:00

Description

a bug in vBulletin 4.1.10 that allows to us to occur a Sql Injection on a Remote machin.

Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy

Author : IrIsT.Ir

Discovered By : Am!r

Home : http://IrIsT.Ir

Software Link : http://vbulletin.com

Security Risk : High

Version : All Version

Tested on : GNU/Linux Ubuntu - Windows Server - win7

Dork : "Powered By Vbulletin"

Expl0iTs :

[TarGeT]/announcement.php?a=&announcementid=[Sql]

Greats : Zarbat.Org - Aria-Security.Com - datacoders.org - black-hg.org

Security7.ir - AjaxTm.Com - Sepehr-Team.Org And All Iranian Hackers