OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them .
usage :
![]()
OWASP VBScan 0.1.7 introduction
What’s New in Version 0.1.8 [Self Challenge]
![]()
Why OWASP VBScan ?
If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.
- Project Leader : Mohammad Reza Espargham
- Github : https://github.com/rezasp/vbscan/
- SourceForge : https://sourceforge.net/projects/vbscan/
- OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project
usage :
./vbscan.pl <target>
./vbscan.pl http://target.com/vbulletin
OWASP VBScan 0.1.7 introduction
What’s New in Version 0.1.8 [Self Challenge]
- Updated vulnerabilities database
- "Email Before Registration Plugin" SQL exploit added
- "Tapatalk vbulletin plugin" exploit added
- "Routestring RCE" exploit added
- Vbulletin possible password logger detector added
- Allow start from any path
- OpenRedirection founder module added
- Vbulletin version comparing module added
- A few enhancements