Lucene search
K

5 matches found

Nuclei
Nuclei
β€’added yesterdayβ€’29 views

vBulletin 5.0.0-6.0.3 - Authentication Bypass

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 contain an authentication bypass caused by unauthenticated access to protected API controllers on PHP 8.1 or later, letting unauthenticated attackers invoke protected methods remotely.Starting from PHP 8.1, due to an internal adjustment to...

10CVSS7.4AI score0.69817EPSS
Exploits4References2
GithubExploit
GithubExploit
β€’added 2025/07/14 2:17 a.m.β€’300 views

Exploit for Improper Protection of Alternate Path in Vbulletin

CVE-2025-48827 - vBulletin Authentication Bypass Exploit O...

10CVSS9.6AI score0.69817EPSS
Exploits4
Circl
Circl
β€’added 2025/05/27 4:47 a.m.β€’37 views

CVE-2025-48827

creationtimestamp| type| source ---|---|--- 2025-05-27 04:47:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17606 2025-05-27 05:35:48+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq4xrqhgwpy2 2025-05-27...

10CVSS7.5AI score0.69817EPSS
Exploits4References44
CVE
CVE
β€’added 2025/05/27 12:0 a.m.β€’281 views

CVE-2025-48827

CVE-2025-48827 affects vBulletin 5.0.0–5.7.5 and 6.0.0–6.0.3. The issue is an authentication bypass that allows unauthenticated attackers on PHP 8.1+ to invoke protected API controller methods remotely (e.g., via /api.php?method=protectedMethod), with confirmed exploitation in the wild and potent...

10CVSS9.6AI score0.69817EPSS
Exploits4References3Affected Software1
VulnCheck KEV
VulnCheck KEV
β€’added 2025/05/26 12:0 a.m.β€’5 views

VulnCheck KEV: CVE-2025-48827

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...

10CVSS7.3AI score0.69817EPSS
Exploits4References1
Rows per page
Query Builder