Snort ::

SID 11668

« Back

References

URL

http://marc.info/?l=bugtraq&m=110910899415763&w=2

CVE

2005-0511

Msg

"WEB-PHP vbulletin php code injection"

Summary

This event is generated when an attempt is made to exploit a known vulnerability in vBulletin.

Classtype

attempted-user

Impact

Low

Detailed Information

misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.

Affected Systems

Jelsoft vBulletin 3.0.6

False Positives

None known.

False Negatives

None known.

Contributors

Sourcefire Vulnerability Research Team
This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
For more information see http://nvd.nist.gov/

Snort