CVE-2019-16759 PoC — vBulletin 输入验证错误漏洞

Source

https://github.com/0xdims/CVE-2019-16759

Associated Vulnerability

Title:vBulletin 输入验证错误漏洞 (CVE-2019-16759)
Description:vBulletin是美国InternetBrands和vBulletinSolutions公司的一款基于PHP和MySQL的开源Web论坛程序。 vBulletin 5.x版本至5.5.4版本中存在安全漏洞。攻击者可借助‘widgetConfig[code]’参数利用该漏洞执行命令。

Description

This tools will extracts and dumps Email + SMTP from vBulletin database server

Readme

# vBulletin RCE 5.x Get Email + SMTP

# CVE-2019-16759
This tools will extracts and dumps Email + SMTP from database server

## USAGE
```bash
$ git clone https://github.com/mas1337/CVE-2019-16759.git && cd CVE-2019-16759
$ ./vb-email-smtp.sh list.txt
```
## Disclaimer
All code on this repository is for educational purposes only and is not intended for production code. The code is supplied "as is". Use at your own risks.

## Example
![](example.gif)

## Note
Use list with http:// or https://

File Snapshot


 [4.0K]  /data/pocs/64eb9a036a128a2a3a4031075de859ee83ba9169
├── [ 17M]  example.gif
├── [ 496]  README.md
└── [7.1K]  vb-email-smtp.sh

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!