Vulnerability CVE-2018-15493


Published: 2018-10-17

Description:
vBulletin 5.4.3 has an Open Redirect.

Type:

CWE-601

(URL Redirection to Untrusted Site ('Open Redirect'))

Vendor: Vbulletin
Product: Vbulletin 
Version: 5.4.3;

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-017.txt

Related CVE
CVE-2019-17271
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.
CVE-2019-17132
vBulletin through 5.5.4 mishandles custom avatars.
CVE-2019-17131
vBulletin before 5.5.4 allows clickjacking.
CVE-2019-17130
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.
CVE-2019-16759
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
CVE-2018-6200
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.
CVE-2017-17672
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cach...
CVE-2017-17671
vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is...

Copyright 2019, cxsecurity.com

 

Back to Top