{"id": "SECURITYVULNS:DOC:7889", "bulletinFamily": "software", "title": "[Full-Disclosure] : [SCAN Associates Security Advisory] vbulletin 3.0.6 and below php code injection", "description": "Summary: vbulletin 3.0.6 and below php code injection\r\n\r\nDescription\r\n===========\r\nvBulletin is a powerful, scalable and fully customizable forums package\r\nfor your web site. It has been written using the Web's quickest-growing\r\nscripting language; PHP, and is complimented with a highly efficient and\r\nultra fast back-end database engine built using MySQL.\r\n\r\nDetails\r\n=======\r\nUser may inject php code using "nested variable" into template name when\r\n"Add Template Name in HTML Comments" is enable. This option is not enable\r\nby default and is not recomended by vbulletin for production environment.\r\nThe problem occur when user may supply partial template name through\r\nmisc.php.\r\n\r\n\r\nWorkaround\r\n==========\r\nDisable "Add Template Name in HTML Comments" option.\r\n\r\nProof of concept\r\n================\r\nhttp://site.com/misc.php?do=page&template={${phpinfo()}}\r\n\r\nVendor Response\r\n===============\r\n17th February 2005 - Vulnerability found\r\n18th February 2005 - vbulletin developer informed\r\n19th February 2005 - vbulletin developer confirmed\r\n20th February 2005 - Fix Available from vbulletin team\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.netsys.com/full-disclosure-charter.html", "published": "2005-02-22T00:00:00", "modified": "2005-02-22T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:7889", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:12", "edition": 1, "viewCount": 0, "enchantments": {"score": {"value": 1.5, "vector": "NONE", "modified": "2018-08-31T11:10:12", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["EULEROS_SA-2020-1318.NASL", "EULEROS_SA-2020-1323.NASL", "EULEROS_SA-2020-1261.NASL", "EULEROS_SA-2020-1314.NASL", "DEBIAN_DLA-2164.NASL", "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "EULEROS_SA-2020-1299.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201314", "OPENVAS:1361412562311220201299", "OPENVAS:1361412562311220201256", "OPENVAS:1361412562311220201323", "OPENVAS:1361412562311220201318", "OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "zdt", "idList": ["1337DAY-ID-34153", "1337DAY-ID-34134"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:10149"]}, {"type": "kitploit", "idList": ["KITPLOIT:1907207623071471216"]}, {"type": "mssecure", "idList": ["MSSECURE:057ED5C1C386380F0F149DBAC7F1F6EF"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:156729"]}], "modified": "2018-08-31T11:10:12", "rev": 2}, "vulnersScore": 1.5}, "affectedSoftware": []}

{"rst": [{"lastseen": "2021-01-19T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **179[.]102.172.191** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **21**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-19T03:00:00.\n IOC tags: **generic**.\nASN 26599: (First IP 179.102.64.0, Last IP 179.103.255.255).\nASN Name \"TELEFNICA\" and Organisation \"BRASIL SA\".\nASN hosts 1095 domains.\nGEO IP information: City \"\", Country \"Brazil\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:8E461C18-7889-3342-85A3-6332E67CA5D0", "href": "", "published": "2021-01-20T00:00:00", "title": "RST Threat feed. IOC: 179.102.172.191", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-19T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **196[.]220.67.2** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **2**.\n First seen: 2019-12-24T03:00:00, Last seen: 2021-01-19T03:00:00.\n IOC tags: **generic**.\nASN 37686: (First IP 196.220.66.0, Last IP 196.220.67.255).\nASN Name \"ABUZ1AS\" and Organisation \"\".\nASN hosts 5 domains.\nGEO IP information: City \"Lagos\", Country \"Nigeria\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-24T00:00:00", "id": "RST:25C3F747-7889-3725-B212-95C1ACF467C8", "href": "", "published": "2021-01-20T00:00:00", "title": "RST Threat feed. IOC: 196.220.67.2", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-18T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **windwrm[.]bid** in [RST Threat Feed](https://rstcloud.net/profeed) with score **2**.\n First seen: 2019-12-15T03:00:00, Last seen: 2021-01-18T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 23[.]202.231.167,23.217.138.108\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:CB71BCF0-7889-362B-9164-5EC4032B8CFB", "href": "", "published": "2021-01-19T00:00:00", "title": "RST Threat feed. IOC: windwrm.bid", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **energia[.]bme.hu** in [RST Threat Feed](https://rstcloud.net/profeed) with score **24**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-17T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 152[.]66.39.100\nWhois:\n Created: 1993-03-03 12:24:46, \n Registrar: unknown, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:4A063EDF-7889-377A-A295-E9430D9DE877", "href": "", "published": "2021-01-18T00:00:00", "title": "RST Threat feed. IOC: energia.bme.hu", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-16T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **farmac[.]com.mx** in [RST Threat Feed](https://rstcloud.net/profeed) with score **37**.\n First seen: 2021-01-16T03:00:00, Last seen: 2021-01-16T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 208[.]113.214.114\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-16T00:00:00", "id": "RST:AE8DA907-7889-3A8B-BA30-B8C014F9F72F", "href": "", "published": "2021-01-17T00:00:00", "title": "RST Threat feed. IOC: farmac.com.mx", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-06T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **www[.]solomine.org** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-01-10T03:00:00, Last seen: 2020-11-06T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-01-10T00:00:00", "id": "RST:E28A8659-7889-315F-B8B7-4EA5B653A3E3", "href": "", "published": "2021-01-17T00:00:00", "title": "RST Threat feed. IOC: www.solomine.org", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-10T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **61[.]221.64.6** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **8**.\n First seen: 2020-07-20T03:00:00, Last seen: 2021-01-10T03:00:00.\n IOC tags: **shellprobe**.\nASN 3462: (First IP 61.216.113.0, Last IP 61.225.84.255).\nASN Name \"HINET\" and Organisation \"Data Communication Business Group\".\nASN hosts 184395 domains.\nGEO IP information: City \"New Taipei\", Country \"Taiwan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-07-20T00:00:00", "id": "RST:7BC28641-7889-3CE7-9662-AAB4AFBCDF6A", "href": "", "published": "2021-01-11T00:00:00", "title": "RST Threat feed. IOC: 61.221.64.6", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **222[.]111.199.105** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **20**.\n First seen: 2020-12-11T03:00:00, Last seen: 2020-12-17T03:00:00.\n IOC tags: **shellprobe**.\nASN 4766: (First IP 222.111.191.0, Last IP 222.111.236.255).\nASN Name \"KIXSASKR\" and Organisation \"Korea Telecom\".\nASN hosts 607758 domains.\nGEO IP information: City \"Seoul\", Country \"South Korea\".\nIOC could be a **False Positive** (May be a Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-11T00:00:00", "id": "RST:491F986C-7889-39E0-B2BF-688A002FDADB", "href": "", "published": "2020-12-18T00:00:00", "title": "RST Threat feed. IOC: 222.111.199.105", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-13T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **23[.]94.96.119** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **32**.\n First seen: 2020-11-24T03:00:00, Last seen: 2020-12-13T03:00:00.\n IOC tags: **generic**.\nASN 36352: (First IP 23.94.43.0, Last IP 23.95.20.255).\nASN Name \"ASCOLOCROSSING\" and Organisation \"ColoCrossing\".\nASN hosts 216176 domains.\nGEO IP information: City \"\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-11-24T00:00:00", "id": "RST:CAA0E2AF-7889-3D2B-85A7-1BCA4A47298C", "href": "", "published": "2020-12-14T00:00:00", "title": "RST Threat feed. IOC: 23.94.96.119", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-10T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **111[.]88.84.139** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2020-12-09T03:00:00, Last seen: 2020-12-10T03:00:00.\n IOC tags: **scan**.\nASN 132165: (First IP 111.88.80.0, Last IP 111.88.137.255).\nASN Name \"CONNECTASAP\" and Organisation \"Connect Communications\".\nASN hosts 49 domains.\nGEO IP information: City \"Karachi\", Country \"Pakistan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-09T00:00:00", "id": "RST:835ADFEE-7889-3D0E-8021-B1D28F88E403", "href": "", "published": "2020-12-11T00:00:00", "title": "RST Threat feed. IOC: 111.88.84.139", "type": "rst", "cvss": {}}]}