[VIM] vBulletin 'upgrade.php' Remote Code Injection Vulnerability
George Theall
gtheall at tenable.com
Mon Oct 28 15:00:33 CDT 2013
Dinesh / Narayan / Venkat / Rob : Can you clarify how BID 63380 differs from BID 62909? Both concern vBulletin’s install/upgrade.php script. The former was created today and contains as a link http://www.securityfocus.com/archive/1/529467; the latter is from October 10th and links to http://osvdb.org/ref/97/vbulletin-remote.txt. Comparing the PoCs in those two links suggests to me that they’re the same issue.
George
--
theall at tenable.com
More information about the VIM
mailing list