Web Vulnerability Analysis / WebApp PenTest

OWASP VBScan v0.1.8 releases: Black Box vBulletin Vulnerability Scanner

by do son · Published September 14, 2018 · Updated November 4, 2024

OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in Perl programming language to detect VBulletin CMS vulnerabilities and analyses them.

Why OWASP VBScan?

If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.

Changelog v0.1.8

Updated vulnerabilities database
“Email Before Registration Plugin” SQL exploit added
“Tapatalk VBulletin plugin” exploit added
“Routestring RCE” exploit added
Vbulletin possible password logger detector added
Allow start from any path
OpenRedirection founder module added
Vbulletin version comparing module added
A few enhancements

Download

git clone https://github.com/rezasp/vbscan.git

usage :

./vbscan.pl <target>
./vbscan.pl http://target.com/vbulletin

OWASP Joomscan Copyright (C) 2018

Source: https://github.com/rezasp/vbscan

Tags: vbscan