Security News > 2017 > December > Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly
2017-12-18 08:33
Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server. It powers
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/rKpfA7fQqCs/vbulletin-forum-hacking.html
Related news
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
- 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (source)