Back to directory

WRITEUP #1890

Exploiting an N-day vBulletin PHP Object Injection Vulnerability

OtherPHP object injectionSecurity code review

byEgidio Romano / EgiX

Program

vBulletin

Published

Nov 26, 2022

Added to HackDex

Nov 30, 2022

Read Full Writeuphttps://karmainsecurity.com/exploiting-an-nday-vbulletin-php-object-injection

▸ RELATED WRITEUPS

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

RCEPHP pop chain

Vulnerabilities in NodeJS C/C++ add-on extensions

OtherMemory corruption

Github Actions Exploitation: Dependabot

Oracle Retail Xstore Suite: Pre-authenticated Path Traversal

OtherPath traversal

Built with ❤️ by Shubham Rawat