Lucene search

CVE-2020-7373

🗓️ 30 Oct 2020 17:12:15Reported by [email protected]Type

vBulletin 5.5.4 through 5.6.2 remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel reques

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 68
Prion	Design/Logic Flaw	30 Oct 202017:15	–	prion
Prion	Design/Logic Flaw	12 Aug 202014:15	–	prion
Prion	Cross site request forgery (csrf)	24 Sep 201922:15	–	prion
Cvelist	CVE-2020-7373	30 Oct 202016:50	–	cvelist
Cvelist	CVE-2020-17496	12 Aug 202013:07	–	cvelist
Cvelist	CVE-2019-16759	24 Sep 201921:01	–	cvelist
CVE	CVE-2020-7373	30 Oct 202017:15	–	cve
CVE	CVE-2020-17496	12 Aug 202014:15	–	cve
CVE	CVE-2019-16759	24 Sep 201922:15	–	cve
AttackerKB	CVE-2020-7373	30 Oct 202000:00	–	attackerkb

Nvd

Node

vbulletin vbulletinRange5.5.4–5.6.2

Source	Link
github	www.github.com/rapid7/metasploit-framework/pull/13970
forum	www.forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4445227-vbulletin-5-6-0-5-6-1-5-6-2-security-patch
seclists	www.seclists.org/fulldisclosure/2020/Aug/5
blog	www.blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Oct 2020 17:15Current

9.8High risk

Vulners AI Score9.8

CVSS27.5

CVSS39.8

EPSS0.94429

CWE-94