[VIM] false: Vbulletin 3.6.5 Sql Injection ! [misc.php]

GM darkfig gmdarkfig at gmail.com
Sat Apr 14 12:12:55 UTC 2007


Not affected. They just have the same filename, not the same content.

2007/4/14, George A. Theall <theall at tenablesecurity.com>:
> On 04/14/07 04:50, GM darkfig wrote:
>
> > He just modified this exploit (DeluxeBB 1.06 Remote SQL Injection
> > Exploit) http://www.milw0rm.com/exploits/1793.
>
> Is vBulletin affected? In looking around, I found vBulletin installs
> that do have a misc.php, but it didn't seem like they make use of a
> parameter named 'sub'.
>
> George
> --
> theall at tenablesecurity.com
>


More information about the VIM mailing list