Lucene search

vBulletin 5 Connect 5.1.2 through 5.1.9 PHP object injection attack

🗓️ 24 Nov 2015 00:00:00Reported by AttackerKBType

vBulletin 5 Connect 5.1.2 through 5.1.9 PHP object injection attack via vB_Api_Hook::decodeArguments metho

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
canvas	Immunity Canvas: VBULLETIN_PREAUTH_DECODEARGUMENTS	24 Nov 201520:59	–	canvas
Metasploit	vBulletin 5.1.2 Unserialize Code Execution	12 Nov 201520:36	–	metasploit
0day.today	vBulletin 5.1.2 Unserialize Code Execution Exploit	14 Nov 201500:00	–	zdt
0day.today	vBulletin 5.1.2 < 5.1.9 - Unserialize Code Execution Exploit	22 Aug 202000:00	–	zdt
Saint	vBulletin decodeArguments serialized object vulnerability	15 Apr 201600:00	–	saint
Saint	vBulletin decodeArguments serialized object vulnerability	15 Apr 201600:00	–	saint
Saint	vBulletin decodeArguments serialized object vulnerability	15 Apr 201600:00	–	saint
Saint	vBulletin decodeArguments serialized object vulnerability	15 Apr 201600:00	–	saint
Circl	CVE-2015-7808	5 Nov 201500:00	–	circl
Cvelist	CVE-2015-7808	24 Nov 201520:00	–	cvelist

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
exploit-db	www.exploit-db.com/exploits/38629
blog	www.blog.sucuri.net/2015/11/vbulletin-exploits-in-the-wild.html
rapid7	www.rapid7.com/db/modules/exploit/multi/http/vbulletin_unserialize
blog	www.blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day
packetstormsecurity	www.packetstormsecurity.com/files/134331/vBulletin-5.1.2-Unserialize-Code-Execution.html
pastie	www.pastie.org/pastes/10527766/text

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Nov 2015 00:00Current

7.3High risk

Vulners AI Score7.3

EPSS0.8478