This exploit demonstrates a SQL injection vulnerability in Inferno vBShout <= 2.5.2. The vulnerability is located in the 'infernoshout.php' file, specifically in the 'do=options&area=commands' endpoint, allowing an attacker to extract sensitive user data such as usernames, passwords, and salts.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:Inferno vBShout <= 2.5.2
Auth required
Prerequisites:Access to the vulnerable endpoint · Valid user session