module

vBulletin widgetConfig RCE

Try Surface Command
Back to search
Disclosed
Sep 23, 2019

Description

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code]
parameter in an ajax/render/widget_php routestring POST request.
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today