vBulletin 4.1.x / 5.x.x Upgrade 0day Exploit

Hello Guys
Since the eXploit was shared on other forums, I decided to post it to the public.
This Exploit Madleets Team Used To Stamp Many Big Forums
http://www.madleets.com/Thread-DirectAdm...ed-By-1337

Any ways, 1st find a vBulletin 4 or 5 target
2) Make sure it has a /install/upgrade.php file in it
3) Go to site.com/install/upgrade.php and right click the page and see source code.
Find var CUSTNUMBER =
4) Once found , copy it
5) Then open http://madleets.com/0days/
6) After that paste that CUSTNUMBER into the Customer I.D box (It will be something like 9c4818514a74338f980793e7426b2fb1)
7) Fill in the other box's such as site URL, Username, Password and Email.
8) Once done, click Inject Admin and let the page load
9) Thats all, now go to the forum and login with the login details which you injected the site with.

Have fun ..

 
How to patch the bug ?
- Just Remove the install directory.



Thanks To Madleets.com Team Where I Got This Exploit.