90 matches found
vBulletin replaceAdTemplate - Remote Code Execution
vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution RCE vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted...
CVE-2018-6200
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter...
📄 vBulletin 6.0.3 replaceAdTemplate Expression Injection
Proof of concept exploit for vBulletin versions 5.0.0 through 6.0.3 for the replaceAdTemplate expression injection vulnerability. ============================================================================================================================================= | Title : vBulletin 5.0.0...
EUVD-2006-0088
Malware in sbrugna...
EUVD-2007-2904
Malware in sbrugna...
EUVD-2014-2073
Malware in sbrugna...
EUVD-2006-1044
Malware in sbrugna...
EUVD-2008-3759
Malware in sbrugna...
EUVD-2003-0290
Malware in sbrugna...
EUVD-2007-2903
Malware in sbrugna...
EUVD-2005-4616
Malware in sbrugna...
EUVD-2017-8829
Malware in sbrugna...
EUVD-2012-3791
Malware in sbrugna...
EUVD-2006-4261
Malware in sbrugna...
EUVD-2005-3021
Malware in sbrugna...
EUVD-2014-2074
Malware in sbrugna...
EUVD-2019-7589
Malware in sbrugna...
EUVD-2025-22462
Malicious code in bioql PyPI...
EUVD-2023-43477
Malicious code in bioql PyPI...
CVE-2025-46171
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum...