3 matches found
CVE-2005-0429
Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter...
CVE-2005-0429
CVE-2005-0429 affects vBulletin 3.0–3.0.4: Direct code injection in forumdisplay.php when showforumusers is enabled enables remote execution of arbitrary PHP commands via the comma parameter. Confirmed by NVD/OpenVAS/Nessus entries; impact is remote command execution with web server privileges. N...
vBulletin forumdisplay.php comma Parameter Arbitrary Command Execution
The remote version of vBulletin is vulnerable to a remote command execution flaw through the script 'forumdisplay.php'. A malicious user could exploit this flaw to execute arbitrary commands on the remote host with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security,...