VDB-83794 · SA19352 · OSVDB 24691

vBulletin ImpEx Module ImpExController.php systempath file inclusion

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in vBulletin (Forum Software) (the affected version is unknown) and classified as critical. This vulnerability affects an unknown code of the file ImpExController.php of the component ImpEx Module. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field05/07/2016 05:45 PM11/21/2018 04:29 AM
typeForum SoftwareForum Software
namevBulletinvBulletin
componentImpEx ModuleImpEx Module
fileImpExController.phpImpExController.php
argumentsystempathsystempath
risk22
cvss2_vuldb_basescore6.06.0
cvss2_vuldb_tempscore5.45.4
cvss2_vuldb_avNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.06.0
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
date1144871958 (04/12/2006)1144871958 (04/12/2006)
locationBugtraqBugtraq
typePostingPosting
urlhttp://archives.neohapsis.com/archives/bugtraq/2006-04/0247.htmlhttp://archives.neohapsis.com/archives/bugtraq/2006-04/0247.html
person_nicknameDr.Jr7Dr.Jr7
availability11
date1144800000 (04/12/2006)1144800000 (04/12/2006)
price_0day$0-$5k$0-$5k
osvdb2469124691
osvdb_create11453039991145303999
osvdb_titlevBulletin ImpEx Module ImpExController.php systempath Parameter Remote File InclusionvBulletin ImpEx Module ImpExController.php systempath Parameter Remote File Inclusion
secunia1935219352
secunia_titlevBulletin ImpEx Module "systempath" File Inclusion VulnerabilityvBulletin ImpEx Module "systempath" File Inclusion Vulnerability
secunia_riskHighly CriticalHighly Critical
seealso29693 29328 8379529693 29328 83795
cwe73 (privilege escalation)73 (privilege escalation)
cvss3_vuldb_uiNN
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_ePP
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days11
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
secunia_date1143072000 (03/23/2006)

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!