← back
CVE-2005-0511

CVE-2005-0511

EPSS 35.8%
misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/16896unverifiedexploitdbwww.exploit-db.com/exploits/832unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=110910899415763&w=2http://secunia.com/advisories/14326http://www.securityfocus.com/bid/12622http://www.vbulletin.com/forum/showthread.php?postid=819562