what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

vBulletin 5.x Remote Code Execution
Posted Aug 13, 2020
Authored by Zenofex | Site metasploit.com

This Metasploit module exploits a logic bug within the template rendering code in vBulletin 5.x. The module uses the vBulletin template rendering functionality to render the widget_tabbedcontainer_tab_panel template while also providing the widget_php argument. This causes the former template to load the latter bypassing filters originally put in place to address CVE-2019-16759. This also allows the exploit to reach an eval call with user input allowing the module to achieve PHP remote code execution on the target. This module has been tested successfully on vBulletin version 5.6.2 on Ubuntu Linux.

tags | exploit, remote, php, code execution
systems | linux, ubuntu
advisories | CVE-2019-16759, CVE-2020-7373
MD5 | b60b0666592e30c6b174a6e6343f7c54

Related Files

vBulletin 4.2.0 Cross Site Scripting
Posted Jun 20, 2012
Authored by Sangteamtham

vBulletin version 4.2.0 suffers from a persistent cross site scripting vulnerability in the calendar section.

tags | exploit, xss
MD5 | 943e2e0f75d9f6de370ad938df67f281
Secunia Security Advisory 49482
Posted Jun 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | ac3a429d4eee44fd690f35b89c4d2510
vBulletin 4.1.12 SQL Information Disclosure
Posted Jun 8, 2012
Authored by HauntIT

vBulletin version 4.1.12 suffers from a MySQL information disclosure vulnerability.

tags | exploit, sql injection, info disclosure
MD5 | fd7539f362a0ea9730bc4e72aae66056
vBulletin 4.1.12 Path Disclosure
Posted Jun 8, 2012
Authored by HauntIT

vBulletin version 4.1.12 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 4e154f9494e85bc2c6ed4d675211eaa0
vBulletin 4.1.12 Cross Site Scripting
Posted May 2, 2012
Authored by HauntIT

vBulletin version 4.1.12 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
MD5 | f27f3e1fe789dc2327a20c86dc4c4269
vBulletin 4.1.10 Local File Inclusion
Posted Apr 30, 2012
Authored by Am!r, BHG Security Center

vBulletin version 4.1.10 suffers from a local file inclusion vulnerability in functions_cron.php.

tags | exploit, local, php, file inclusion
MD5 | 901765eddaecb7e2ddd9b56a53cdbb0e
Secunia Security Advisory 48917
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Suite, vBulletin Forum, and the MAPI plugin for vBulletin.

tags | advisory
MD5 | ec221d5f4ca76e231dc12188fccad14a
Secunia Security Advisory 48541
Posted Apr 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | c4247462932657209cd195e031952dfd
vBulletin 4.1.10 SQL Injection
Posted Apr 6, 2012
Authored by Am!r | Site irist.ir

vBulletin version 4.1.10 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c531dd8252143b2d9ae57ca779ff207a
Secunia Security Advisory 48531
Posted Mar 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the vBShout module for vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 957db585f7f1f204ad94c97b858a7403
Secunia Security Advisory 48560
Posted Mar 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the vBShop module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | a10e7f735077ab5ee571ff77d28f3236
Secunia Security Advisory 48514
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Forumon RPG module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 6a48d48f2ebc3a90ed1fe262d2671efb
Secunia Security Advisory 48490
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the vbActivity module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | a26226362fd96b8ae99fb7a5bfbe09b2
Secunia Security Advisory 48522
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBDownloads module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 4af81d5db5e393c670e6240782d31d7f
Secunia Security Advisory 48521
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBQuiz module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 5364aa0fe5d5b42029e1ed21a8666493
Secunia Security Advisory 48519
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the vBShout module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | dbd90e38756b84cf126beda9d930ba76
Secunia Security Advisory 48506
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | cd4e71b5c11d6c4ade754a5d1116dad5
vBulletin 3.8.x - 4.1.11 Cross Site Scripting
Posted Mar 25, 2012
Authored by Sony, Flexxpoint

vBulletin versions 3.8.x through 4.1.11 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 4d5000341467a213d11e94e426bb4507
vBulletin vBShout 6.0.5 Cross Site Scripting
Posted Mar 24, 2012
Authored by d3v1l

vBulletin vBShout module versions 6.0.5 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e3a0a024b108e6882a5c0b10cd0b630f
Secunia Security Advisory 48525
Posted Mar 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the vBShout module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 13f1907a2b8c729f0c64023778226038
Secunia Security Advisory 47536
Posted Jan 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in vBulletin and vBulletin Publishing Suite, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 4a431b98fcde50f7904df55445cc994d
Secunia Security Advisory 46768
Posted Nov 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Publishing Suite.

tags | advisory
MD5 | ef792cd1f4d8d565fb59805976682abf
vBulletin 4.1.7 Beta 1 Remote File Inclusion
Posted Oct 30, 2011
Authored by indoushka

vBulletin version 4.1.7 Beta 1 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 50345d9a02d198f12651f815275aedec
vBulletin 4.1.3pl3 / 4.1.4pl3 / 4.1.5pl1 Cross Site Scripting
Posted Aug 3, 2011
Authored by Muhammad Haroon

vBulletin versions 4.1.3pl3, 4.1.4pl3, and 4.1.5pl1 suffer from an adminCP cross site scripting vulnerability.

tags | exploit, xss
MD5 | 488ea96e865e2a6af18172bcda9efe29
Secunia Security Advisory 45481
Posted Aug 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vBulletin Publishing Suite and vBulletin Forum Classic, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 30ec95259d3f06935ac5d7ba50c92f96
Page 1 of 4
Back1234Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close