Full title: vBulletin 5.6.1 SQL Injection Exploit 
Category: web applications
Platform: php
This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 and below. This module uses the getIndexableContent vulnerability to reset the administrator's password and it then uses the administrators login information to achieve remote code execution on the target. This module has been tested successfully on vBulletin version 5.6.1 on the Ubuntu Linux distribution.

# 0day.today @ http://0day.today/