Exploits / Vulnerability Discovered : 2020-08-12 |
Type : webapps |
Platform : php
This exploit / vulnerability Vbulletin 5.6.2 widget_tabbedcontainer_tab_panel remote code execution is for educational purposes only and if it is used you will do on your own risk!
# vBulletin 5.5.4 through 5.6.2 are vulnerable to a remote code
# execution vulnerability caused by incomplete patching of the previous
# "CVE-2019-16759" RCE. This logic bug allows for a single pre-auth
# request to execute PHP code on a target vBulletin forum.
#More info can be found at:
#https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail/