vendor:
vBulletin
by:
AL3NDALEEB
N/A
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: vBulletin
Affected Version From: 3.0
Affected Version To: 3.0.4
Patch Exists: NO
Related CWE:
CPE: a:vbulletin:vbulletin:3.0
Platforms Tested:
2005
vbulletin 3.0.x execute command
This exploit allows an attacker to execute commands on a vBulletin 3.0.x system if certain conditions are met. The conditions include the showforumusers option being set to true, the user being a visitor/guest, at least one user showing the forum, and magic_quotes_gpc being turned off. The vulnerability affects vBulletin versions 3.0 up to and including version 3.0.4. The immune versions are vBulletin versions 3.0.5 and 3.0.6.
Mitigation:
Upgrade to vBulletin version 3.0.5 or above. Ensure that the showforumusers option is set to false, and enable magic_quotes_gpc to provide protection against SQL injection attacks.