Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

vBulletin < 3.0.7 misc.php PHP Code Injection



The remote host is vulnerable to an HTML injection attack.


The remote host is running a version of vBulletin, a forum application implemented in PHP, that is vulnerable to a flaw in the misc.php script. The flaw allows a remote attacker the ability to execute PHP code on the server. An attacker exploiting this flaw would pass malformed data to the 'template' parameter of the misc.php script.


Upgrade to version 3.0.7 or higher.