Vulnerabilities > CVE-2019-17130 - Files or Directories Accessible to External Parties vulnerability in Vbulletin

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
vbulletin
CWE-552

Summary

vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.

Vulnerable Configurations

Part Description Count
Application
Vbulletin
73