Security News > 2017 > December > Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly
2017-12-18 08:33
Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server. It powers
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/rKpfA7fQqCs/vbulletin-forum-hacking.html
Related news
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
- 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (source)
- Hackers exploit critical bug in Array Networks SSL VPN products (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- Critical security hole in Apache Struts under exploit (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- Mitel 0-day, 5-year-old Oracle RCE bug under active exploit (source)