55 matches found
CVE-2012-5223
The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...
CVE-2012-5223
The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...
Code injection
The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...
CVE-2012-5223
The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...
CVE-2012-5223
CVE-2012-5223 affects vBSEO: the proc_deutf() function in includes/functions_vbseocp_abstract.php for vBSEO 3.5.0–3.6.0 and earlier allows remote code execution via the char_repl parameter, which is inserted into a regex processed by preg_replace with the eval modifier. Public sightings and explo...
vBSEO - u Cross-Site Scripting
vBSEO - u Cross-Site Scripting source: https://www.securityfocus.com/bid/55908/info vBSEO is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
vBSEO - 'u' Cross-Site Scripting
source: https://www.securityfocus.com/bid/55908/info vBSEO is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
VBSEO SQL Injection
VBSEO vbseo.phpaids SQL Injection Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
vBSEO 3.6.0 PHP Code Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'vBSEO %q This...
vBSEO 3.6.0 RCE
Remote command execution vulnerability in vBSEO procdeutf Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
vBSEO 'proc_deutf()' Remote Code Execution Vulnerability
vBSEO is prone to a remote code-execution vulnerability. Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. vBSEO 3.5.0, 3.5.1, 3.5.2, and 3.6.0.are vulnerable; other versions may also be affected. OpenVAS Vulnerability Test $Id:...
vBSEO 'proc_deutf()' RCE Vulnerability - Active Check
vBSEO is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vbulletin:vbulletin"...
vBSEO proc_deutf() Remote PHP Code Injection
This module exploits a vulnerability in the 'procdeutf' function defined in /includes/functionsvbseocpabstract.php for vBSEO versions 3.6.0 and earlier. User input passed through 'charrepl' POST parameter isn't properly sanitized before being used in a call to pregreplace function which uses the...
vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection (Metasploit)
require 'msf/core' class Metasploit3 'vBSEO %q This module exploits a vulnerability in the 'procdeutf' function defined in /includes/functionsvbseocpabstract.php. User input passed through 'charrepl' POST parameter isn't properly sanitized before being used in a call to pregreplace function which...
vBSEO <= 3.6.0 "proc_deutf()" Remote PHP Code Injection Exploit
Exploit for php platform in category web applications require 'msf/core' class Metasploit3 'vBSEO %q This module exploits a vulnerability in the 'procdeutf' function defined in /includes/functionsvbseocpabstract.php. User input passed through 'charrepl' POST parameter isn't properly sanitized...
vBseo(vBSEO remote execution vulnerability-vulnerability warning-the black bar safety net
!/ usr/bin/perl vBseo 3.1.0 vbseo.php vbseourl Remote Command Execution Exploit vendor: http://www.vbseo.com/ Author: Jose Luis Gongora Fernandez a. k. a JosS twitter: @JossGongora mail: joss. xroot0x40gmail0x2ecom site: http://www.hack0wn.com/ This was written for educational purpose. Use it at...
vBseo 3.1.0 Remote Command Execution
!/usr/bin/perl vBseo 3.1.0 vbseo.php vbseourl Remote Command Execution Exploit vendor: http://www.vbseo.com/ Author: Jose Luis Gongora Fernandez a.k.a JosS twitter: @JossGongora mail: joss.xroot0x40gmail0x2ecom site: http://www.hack0wn.com/ This was written for educational purpose. Use it at your...
vBseo 3.1.0 (vbseo.php vbseourl) Remote Command Execution Exploit
Exploit for php platform in category web applications !/usr/bin/perl vBseo 3.1.0 vbseo.php vbseourl Remote Command Execution Exploit vendor: http://www.vbseo.com/ Author: Jose Luis Gongora Fernandez a.k.a JosS twitter: @JossGongora mail: joss.xroot0x40gmail0x2ecom site: http://www.hack0wn.com/ Th...
vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks
Exploit for php platform in category web applications Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancement...
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks
vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on t...