Vulnerabilities for 'vBulletin'

2019-10-08
CVE-2019-17271 (CWE-89)
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.

2019-10-04
CVE-2019-17132 (CWE-20)
vBulletin through 5.5.4 mishandles custom avatars.

CVE-2019-17131 (CWE-1021)
vBulletin before 5.5.4 allows clickjacking.

CVE-2019-17130 (CWE-552)
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.

2019-09-24
CVE-2019-16759 (CWE-20)
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

2018-10-17
CVE-2018-15493 (CWE-601)
vBulletin 5.4.3 has an Open Redirect.

2018-01-24
CVE-2018-6200 (CWE-601)
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.

2017-12-13
CVE-2017-17672 (CWE-502)
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.

CVE-2017-17671 (CWE-22)
vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ traversal is not blocked. For example, an attacker can make an invalid HTTP request containing PHP code, and then make an index.php?routestring= request with enough instances of ".." to reach an Apache HTTP Server log file.

2017-09-19
CVE-2015-3419 (no CWE listed)
vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure.

 


Copyright 2019, cxsecurity.com