SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion

Vulnerability Summary The following advisory describes a unauthenticated deserialization vulnerability that leads to arbitrary delete files and, under certain circumstances, code execution found in vBulletin version 5. vBulletin, also known as vB, is “a widespread proprietary Internet forum software package developed by vBulletin Solutions, Inc., based on PHP and MySQL database server. vBulletin powers many … Continue reading SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion

This is a Security Bloggers Network syndicated blog post authored by SSD / Maor Schwartz. Read the original post at: SecuriTeam Blogs