Security News > 2017 > December > Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly
2017-12-18 08:33
Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server. It powers
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/rKpfA7fQqCs/vbulletin-forum-hacking.html
Related news
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
- China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)