PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter. NOTE: the vendor has disputed this vulnerability, saying "The default vBulletin requires authentication prior to the usage of the upgrade system.
References
Configurations
History
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter. NOTE: the vendor has disputed this vulnerability, saying "The default vBulletin requires authentication prior to the usage of the upgrade system. |
Information
Published : 2006-08-21 21:04
Updated : 2024-08-07 19:15
NVD link : CVE-2006-4271
Mitre link : CVE-2006-4271
CVE.ORG link : CVE-2006-4271
JSON object : View
Products Affected
jelsoft
- vbulletin
CWE