Security Alerts and vulnerabilities: Let's keep abreast of the latest threats by posting those findings here.

02-22-2005, 06:21 PM
Mobo
A vulnerability in vBulletin, which potentially can be exploited by malicious users to compromise a vulnerable system.

Nested input passed to the "template" parameter in "misc.php" isn't properly verified and can be exploited to inject and execute arbitrary PHP code.

Example:
http://[victim]/misc.php?do=page&template={${[code]}}

Successful exploitation requires that the "Add Template Name in HTML Comments" option is enabled (not enabled by default and not recommended by vendor on production systems).

The vulnerability has been reported in version 3.0.6 and prior.

Solution:
Disable the "Add Template Name in HTML Comments" option.

Update to version 3.0.7.
http://www.vbulletin.com/download.php
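A log check for the request pattern described in the post above, as an added example that is not part of the original post or of vBulletin's code: it flags requests to misc.php whose URL-decoded "template" parameter contains PHP's `{$` / `${` nested-variable syntax. The log lines are constructed (Apache combined format assumed), and PLACEHOLDER stands in for whatever was sent.

```python
import posixpath
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [22/Feb/2005:18:30:01 -0500] "GET /misc.php?do=page&template=faq HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [22/Feb/2005:18:31:12 -0500] "GET /misc.php?do=page&template={${PLACEHOLDER}} HTTP/1.1" 200 734 "-" "-"
192.0.2.44 - - [22/Feb/2005:18:31:40 -0500] "GET /forum/misc.php?do=page&template=%7B%24%7BPLACEHOLDER%7D%7D HTTP/1.1" 200 734 "-" "-"
192.0.2.10 - - [22/Feb/2005:18:35:09 -0500] "GET /showthread.php?t=42&note={${x}} HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# client address, request target, response status
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
# "{$" or "${" in the decoded value: the nested-variable syntax from the advisory
NESTED = re.compile(r'\{\s*\$|\$\s*\{')


def scan(log_text):
    """Return (client, status, decoded template value) for each suspicious request."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        url = urlsplit(target)
        # Only misc.php is named in the advisory; match it under any install path.
        if posixpath.basename(url.path).lower() != "misc.php":
            continue
        # parse_qsl percent-decodes once, so raw and encoded forms compare equal.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name == "template" and NESTED.search(value):
                hits.append((client, int(status), value))
    return hits


if __name__ == "__main__":
    for client, status, value in scan(SAMPLE_LOG):
        print(f"{client} status={status} template={value!r}")
```

A hit records an attempt only; whether it had any effect depends on the "Add Template Name in HTML Comments" option and the installed version, as stated in the post.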


All times are GMT -5.

