8 matches found
vBulletin 5.1.2 < 5.1.9 - Unserialize Code Execution Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin 5.1.2 Unserialize Code Execution', 'Description' = %q This module exploits a PHP...
vBulletin decodeArguments serialized object vulnerability
Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...
vBulletin decodeArguments serialized object vulnerability
Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...
Immunity Canvas: VBULLETIN_PREAUTH_DECODEARGUMENTS
Name| vbulletinpreauthdecodeArguments ---|--- CVE| CVE-2015-7808 Exploit Pack| CANVAS Description| vBulletin pre-auth remote code execution Notes| CVE Name: CVE-2015-7808 VENDOR: vBulletin Solutions NOTES: Tested on Ubuntu 14.04 against: - vBulletin 5.1.4 - vBulletin 5.0.4 Repeatability: Infinite...
CVE-2015-7808
CVE-2015-7808 affects vBulletin 5 Connect 5.1.2–5.1.9. The vulnerability is a PHP object injection in vB_Api_Hook::decodeArguments that allows a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments, enabling remote code execution. Exploitation is demonstrated in p...
vBulletin 5.1.2 Unserialize Code Execution Exploit
This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9 This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'vBulletin 5.1.2 Unserialize Code...
vBulletin 5.1.2 Unserialize Code Execution
This module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin 5.1.2 Unserialize Code Execution', 'Description' ...
vBulletin 5.1.4 - 5.1.9 PreAuth RCE Vulnerability - Active Check
vBulletin is prone to a remote code execution RCE vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...