Skip to main content

Vbseo

2 CVEs product

Monthly

CVE-2014-9463 HIGH POC THREAT Act Now

functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.6%.

RCE Code Injection PHP Vbseo
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
26.6%
Threat
4.1
CVE-2012-5223 HIGH POC THREAT Act Now

The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.6%.

PHP Code Injection RCE Vbseo
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
79.6%
Threat
5.4
EPSS 27% 4.1 CVSS 8.8
HIGH POC THREAT Act Now

functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.6%.

RCE Code Injection PHP +1
NVD Exploit-DB
EPSS 80% 5.4 CVSS 7.5
HIGH POC THREAT Act Now

The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.6%.

PHP Code Injection RCE +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy