7.5 High
AI Score
Confidence
High
0.891 High
EPSS
Percentile
98.7%
misc.php for vBulletin 3.0.6 and earlier, when βAdd Template Name in HTML Commentsβ is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.
marc.info/?l=bugtraq&m=110910899415763&w=2
secunia.com/advisories/14326
www.securityfocus.com/bid/12622
www.vbulletin.com/forum/showthread.php?postid=819562