Day: December 13, 2017

SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion

Vulnerability Summary The following advisory describes a unauthenticated deserialization vulnerability that leads to arbitrary delete files and, under certain circumstances, code execution found in vBulletin version 5. vBulletin, also known as vB, is “a widespread proprietary Internet forum software package developed by vBulletin Solutions, Inc., based on PHP and MySQL database server. vBulletin powers many …

SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion Read More »

SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution

Vulnerability Summary The following advisory describes a unauthenticated file inclusion vulnerability that leads to remote code execution found in vBulletin version 5. vBulletin, also known as vB, is a widespread proprietary Internet forum software package developed by vBulletin Solutions, Inc., based on PHP and MySQL database server. vBulletin powers many of the largest social sites …

SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution Read More »

?

Get in touch