Vulnerabilities

CVE-2015-7808

by Fred · 24/11/2015

The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.

Date published : 2015-11-24

https://www.exploit-db.com/exploits/38629/

http://blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day/

Similar

Tags: Cybersecurity Alert