Vulnerability Details : CVE-2013-3522
Public exploit exists!
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
Vulnerability category: Sql Injection
Products affected by CVE-2013-3522
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_28:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_11:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-3522
38.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-3522
-
vBulletin Password Collector via nodeid SQL Injection
Disclosure Date: 2013-03-24First seen: 2020-04-26auxiliary/gather/vbulletin_vote_sqliThis module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since March 2013. This module can be used to extract the web application's usernames and hashes, which could be used to authenticate into the vBulletin admin control -
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
Disclosure Date: 2013-03-25First seen: 2020-04-26exploit/unix/webapp/vbulletin_vote_sqli_execThis module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since March 2013. This module uses the sqli to extract the web application's usernames and hashes. With the retrieved information tries to log into the admin contro
CVSS scores for CVE-2013-3522
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2013-3522
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-3522
-
http://www.exploit-db.com/exploits/24882
vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection - PHP webapps ExploitExploit
Jump to