CVE-2007-4120 in vBulletinजानकारी

सारांश

द्वारा VulDB • 01/07/2026

**DISPUTED** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states "further investigation has revealed that the application is not vulnerable to this issue." The original researcher also has a history of erroneous claims.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

आरक्षित करना

01/08/2007

प्रकटीकरण

01/08/2007

प्रविष्टि

VDB-38126

EPSS

0.02145

गतिविधियाँ

बहुत कम

स्रोत

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!