module
vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection
| Disclosed |
|---|
| Mar 12, 2020 |
Disclosed
Mar 12, 2020
Description
This module exploits a SQL injection vulnerability found in vBulletin 5.x.x to dump the user
table information or to dump all of the vBulletin tables (based on the selected options). This
module has been tested successfully on VBulletin Version 5.6.1 on Ubuntu Linux.
table information or to dump all of the vBulletin tables (based on the selected options). This
module has been tested successfully on VBulletin Version 5.6.1 on Ubuntu Linux.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.