Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 up to and including 3.0.4, when showforumusers is enabled, allows remote malicious users to execute inject arbitrary PHP commands via the comma parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jelsoft vbulletin 3.0 |
||
jelsoft vbulletin 3.0.1 |
||
jelsoft vbulletin 3.0.2 |
||
jelsoft vbulletin 3.0.3 |
||
jelsoft vbulletin 3.0.4 |