admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 02:31:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/vBulletin/CVE-2019-16759
History
tardc e5729add18 Add CVE-2019-16759
2020-04-28 13:35:59 +08:00
..
CVE-2019-16759.gif
Add CVE-2019-16759
2020-04-28 13:35:59 +08:00
README.md
Add CVE-2019-16759
2020-04-28 13:35:59 +08:00

README.md

CVE-2019-16759 vBulletin 5.x Remote Code Execution Vulnerability

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Affected version: vBulletin 5.x - 5.5.4

FOFA query rule: app="vBulletin"

Demo