vBSEO 'proc_deutf()' Remote Code Execution Vulnerability

vBSEO is prone to a remote code-execution vulnerability. Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. vBSEO 3.5.0, 3.5.1, 3.5.2, and 3.6.0.are vulnerable; other versions may also be affected. OpenVAS Vulnerability Test $Id:...

vBSEO 3.6.0 PHP Code Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'vBSEO %q This...

vBSEO proc_deutf() Remote PHP Code Injection

This module exploits a vulnerability in the 'procdeutf' function defined in /includes/functionsvbseocpabstract.php for vBSEO versions 3.6.0 and earlier. User input passed through 'charrepl' POST parameter isn't properly sanitized before being used in a call to pregreplace function which uses the...