CVE-2019-16759 PoC — vBulletin 输入验证错误漏洞

Source

Associated Vulnerability

Title:vBulletin 输入验证错误漏洞 (CVE-2019-16759)
Description:vBulletin是美国InternetBrands和vBulletinSolutions公司的一款基于PHP和MySQL的开源Web论坛程序。 vBulletin 5.x版本至5.5.4版本中存在安全漏洞。攻击者可借助‘widgetConfig[code]’参数利用该漏洞执行命令。

Description

Mass Exploit CVE-2019-16759

Readme

# vBulletin Mass Exploit CVE-2019-16759
--------------------------------------
![vBulletin Mass Exploit](https://i.ibb.co/t2vy7kv/Screenshot-2020-02-21-05-27-44-789-com-termux.png)
--------



### Alert!
-------
**This tool was made for penetration testing CVE-2019-16759.**<br/>
**We are not responsible for errors made by users of this tool.**<br/>
### Installation and usage:

**$** pkg install git python2<br/>
**$** pip2 install requests<br/>
**$** git clone https://github.com/psychoxploit/vbull<br/>
**$** cd vbull<br/>

**Note:**<br/>
Before you run this tool, make sure you have created a txt file that contains http://target.tld/ or http://target.tld/path/<br/>
http: // or https: // and the right slash (/) after the domain name or path name, it's very important.<br/>
if there are no such signs, chances are this tool doesn't work the way you want it to.<br/>

if you already have it you can use these tools to your heart's content!<br/>

**$** python2 vbull.py<br/>

Good luck!

File Snapshot


 [4.0K]  /data/pocs/9ff8503233997f93576e99ff6e1fae510b15dcce
├── [ 991]  README.md
└── [ 20K]  vbull.py

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!