vendor:
vBulletin
by:
Simo Ben youssef
7,5
CVSS
HIGH
Security-Bypass Vulnerability
N/A
CWE
Product Name: vBulletin
Affected Version From: 4.1.x
Affected Version To: 5.x.x
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2013
vBulletin Remote Admin Injection Exploit
vBulletin is prone to a security-bypass vulnerability. Successful exploits can allow attackers to bypass certain security restrictions and perform unauthorized actions.
Mitigation:
Rename or delete the install folder until a fix is released.
