[VIM] false: Vbulletin 3.6.5 Sql Injection ! [misc.php]
gmdarkfig at gmail.com
Sat Apr 14 12:12:55 UTC 2007
Not affected. They just have the same filename, not the same content.
2007/4/14, George A. Theall <theall at tenablesecurity.com>:
> On 04/14/07 04:50, GM darkfig wrote:
> > He just modified this exploit (DeluxeBB 1.06 Remote SQL Injection
> > Exploit) http://www.milw0rm.com/exploits/1793.
> Is vBulletin affected? In looking around, I found vBulletin installs
> that do have a misc.php, but it didn't seem like they make use of a
> parameter named 'sub'.
> theall at tenablesecurity.com
More information about the VIM