VBulletin 2.0.3 Calendar.PHP Command Execution Vulnerability

ID EDB-ID:21874
Type exploitdb
Reporter gosper
Modified 2002-09-27T00:00:00


VBulletin 2.0.3 Calendar.PHP Command Execution Vulnerability. CVE-2002-1660. Webapps exploit for php platform

                                            source: http://www.securityfocus.com/bid/5820/info

A remote command execution vulnerability has been reported for vBulletin. The vulnerability is due to vBulletin failing to properly sanitize user-supplied input from URI parameters. 

An attacker can exploit this vulnerability to execute malicious commands on the vulnerable system.


where <command> signifies a command to be executed on the system.