VULHUB ™

VBulletin is reported prone to a remote arbitrary command execution vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and affects the 'forumdisplay.php' script when the 'showforumusers' option has been enabled. This may allow attackers to execute arbitrary commands with the privileges of the server running the application. VBulletin versions 3.0 to 3.0.4 are reported vulnerable to this issue. It is reported that versions 3.0.5 and 3.0.6 are not affected.

VBulletin is reported prone to a remote arbitrary command execution vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and affects the 'forumdisplay.php' script when the 'showforumusers' option has been enabled. This may allow attackers to execute arbitrary commands with the privileges of the server running the application. VBulletin versions 3.0 to 3.0.4 are reported vulnerable to this issue. It is reported that versions 3.0.5 and 3.0.6 are not affected.