5.0.0 all Beta releases SQL Injection Exploit 0day

Seen this last night on another site. You don't need a script to get the hash. You can do it with a URL. Only thing you need to do is point it at a thread an admin posted in. Once you got the hash it takes about 5 minutes to get the password.

 

I am surprised no one has used this on vbulletin.com yet.

I remember a user reported an exploit in the 3.8 branch shortly after IB took over and they marked it as trivial and told the user he didn't know what he was talking about. He then used it to gain access to one of the admin accounts, I don't remember who's it was, and posted in the private forum. Next day he showed screenshots of the private forums with him logged in. The thread was locked and removed. The trivial exploit was fixed the next day.

 

The exploit was sold to 2 people so expect to see vbulletin 5 hacked threads pop up at vbulletin.com. Of course the people that bought the kit will have a hard time finding any to hack.