40 matches found
EUVD-2017-16574
Malware in sbrugna...
EUVD-2005-0430
Malware in sbrugna...
EUVD-2019-7588
Malware in sbrugna...
EUVD-2020-17809
Malware in sbrugna...
EUVD-2020-17808
Malware in sbrugna...
vBulletin 5.0.x < 6.0.4 Remote Code Execution
vBulletin versions 5.0.x prior to 6.0.4 are vulnerable to an improper authentication flaw that allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later. This vulnerability can lead to remote code execution (RCE). Note that this plugin requires the 'File...
CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...
CVE-2025-48828
vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution (RCE) flaw in the ajax/api/ad/replaceAdTemplate endpoint caused by improper use of PHP’s Reflection API. An unauthenticated attacker can inject a crafted template (e.g., using vb:if with code via passthru($POST[...])) and trigge...
CVE-2020-25117
The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...
CVE-2019-17132
vBulletin through 5.5.4 mishandles custom avatars...
CVE-2013-6129
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldatapassword, htmldataconfirmpassword, and htmldataemail parameters, as exploited in the wild in October 2013...
CVE-2011-5251
Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter in a lostpw action...
vBulletin 5.x Remote Code Execution
!/bin/bash vBulletin widgettabbedcontainertabpanel 5.x 0day by @Zenofex Usage ./exploit Urlencode cmd CMD=echo $2|perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' Send request curl -s $1/ajax/render/widgettabbedcontainertabpanel -d...
vBulletin < 5.6.2 Patch Level 1 Remote Code Execution Vulnerability
The instance of vBulletin running on the remote host is affected by a command execution vulnerability. A remote, unauthenticated attacker can exploit this issue, via a specially crafted HTTP request, to execute commands on the remote host. All versions of vBulletin prior to the 5.6.x branch are...
CVE-2019-17271
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter...
CVE-2019-17131
vBulletin before 5.5.4 allows clickjacking...
CVE-2018-6200
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter...
Authorization
vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure...
vBulletin <= 3.5.4 Multiple Cross Site Scripting Vulnerabilities
No description provided by source...
vBulletin < 3.6.5 .swf ActionScript XSS
Binary data 3869.prm...