VBULLETIN 5.2.0/5.2.1/5.2.2 MEDIA UPLOAD SSRF PRIVILEGE ESCALATION

Author: c1tas, p0wd3r know Chong Yu 404 security lab CVE: CVE-2016-6483 A vulnerability overview vBulletin accepts the url parameters, it is not prohibited to jump transduction induced SSRF vBulletin need this function to access external connections, but this limit is not strict cause can trigger...

vBulletin x.x.x rce "0day"

Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in certain versionsall before 4.2.2 to an RCE. vBulletin seem to have refused to classify it as a...

vBulletin < 4.2.2 - Memcache Remote Code Execution

vBulletin's memcache setting is vulnerable in certain versionsall before 4.2.2 to an RCE. vBulletin seem to have refused to classify it as a vulnerability or post anything about it, or put anything in the announcements on their website. They say "PL2 4.2.2 should prevent the use of localhost,"...

vBulletin Memcache Remote Code Execution

Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in certain versionsall before 4.2.2 to an RCE. vBulletin seem to have refused to classify it as a...