Vulners
Lucene search
vbulletin306.txt
`Summary: vbulletin 3.0.6 and below php code injection
Description
===========
vBulletin is a powerful, scalable and fully customizable forums package
for your web site. It has been written using the Web's quickest-growing
scripting language; PHP, and is complimented with a highly efficient and
ultra fast back-end database engine built using MySQL.
Details
=======
User may inject php code using "nested variable" into template name when
"Add Template Name in HTML Comments" is enable. This option is not enable
by default and is not recomended by vbulletin for production environment.
The problem occur when user may supply partial template name through
misc.php.
Workaround
==========
Disable "Add Template Name in HTML Comments" option.
Proof of concept
================
http://site.com/misc.php?do=page&template={${phpinfo()}}
Vendor Response
===============
17th February 2005 - Vulnerability found
18th February 2005 - vbulletin developer informed
19th February 2005 - vbulletin developer confirmed
20th February 2005 - Fix Available from vbulletin team
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
26 Feb 2005 00:00Current
7.4High risk
Vulners AI Score7.4