[VIM] false: Vbulletin 3.6.5 Sql Injection ! [misc.php]

George A. Theall theall at tenablesecurity.com
Sat Apr 14 11:21:40 UTC 2007


On 04/14/07 04:50, GM darkfig wrote:

> He just modified this exploit (DeluxeBB 1.06 Remote SQL Injection
> Exploit) http://www.milw0rm.com/exploits/1793.

Is vBulletin affected? In looking around, I found vBulletin installs 
that do have a misc.php, but it didn't seem like they make use of a 
parameter named 'sub'.

George
-- 
theall at tenablesecurity.com


More information about the VIM mailing list