Lucene search
PRIOn knowledge basePRION:CVE-2020-7373HistoryOct 30, 2020 - 5:15 p.m.
Design/Logic Flaw
2020-10-3017:15:00
PRIOn knowledge base
www.prio-n.com
7
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496. CVE-2020-17496 is the preferred CVE ID to track this vulnerability.
Related
cve
cve
cvelist
cvelist
nvd
nvd
attackerkb
attackerkb
openvas
openvas
vBulletin 5.x RCE Vulnerability
2020-08-10 00:00:00
zdt
zdt
vBulletin 5.x Remote Code Execution Exploit
2020-08-12 00:00:00
vBulletin 5.5.4 Remote Command Execution Exploit #RCE
2019-12-11 00:00:00
vBulletin 5.x - Remote Command Execution Exploit
2019-10-01 00:00:00
nuclei
nuclei
vBulletin 5.5.4 - 5.6.2- Remote Command Execution
2021-02-24 20:00:52
vBulletin 5.0.0-5.5.4 - Remote Command Execution
2020-07-04 15:56:10
checkpoint_advisories
checkpoint_advisories
vBulletin Forum Remote Code Execution (CVE-2019-16759; CVE-2020-17496)
2019-09-25 00:00:00
VBulletin Remote Code Execution (CVE-2020-7373)
2020-11-25 00:00:00
cisa_kev
cisa_kev
vBulletin PHP Module Remote Code Execution Vulnerability
2021-11-03 00:00:00
vBulletin PHP Module Remote Code Execution Vulnerability
2021-11-03 00:00:00
prion
prion
Design/Logic Flaw
2020-08-12 14:15:00
Cross site request forgery (csrf)
2019-09-24 22:15:00
nessus
nessus
vBulletin CVE-2019-16759 Bypass Remote Code Execution (CVE-2020-17496) (direct check)
2020-08-10 00:00:00
vBulletin 'widget_php' Command Execution
2019-10-23 00:00:00
packetstorm
packetstorm
vBulletin 5.x Remote Code Execution
2020-08-13 00:00:00
vBulletin 5.x Remote Code Execution
2020-08-11 00:00:00
vBulletin 5.x 0-Day Pre-Auth Remote Command Execution
2019-09-26 00:00:00
canvas
canvas
Immunity Canvas: VBULLETIN_WIDGET_RCE
2019-09-24 22:15:00
thn
thn
Hackers Breach ZoneAlarm's Forum Site β Outdated vBulletin to Blame
2019-11-11 15:27:00
exploitdb
exploitdb
vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution
2020-08-12 00:00:00
vBulletin 5.x - Remote Command Execution (Metasploit)
2019-09-30 00:00:00
githubexploit
githubexploit
Exploit for Injection in Vbulletin
2020-08-20 12:20:03
Exploit for Injection in Vbulletin
2020-09-03 14:41:29
Exploit for Code Injection in Vbulletin
2020-08-31 13:44:15
threatpost
threatpost
Rash of Exploits Targets Critical vBulletin RCE Bug
2019-09-26 17:45:03
vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
2019-10-10 20:37:40
Gitpaste-12 Worm Widens Set of Exploits in New Attacks
2020-12-15 21:29:51
impervablog
impervablog
Attackers Are Quick to Exploit vBulletinβs Latest 0-day Remote Code Execution Vulnerability
2019-09-26 13:43:30
CrimeOps of the KashmirBlack Botnet β Part II
2020-10-22 18:55:05
exploitpack
exploitpack
vBulletin 5.x - Remote Command Execution (Metasploit)
2019-09-30 00:00:00
metasploit
metasploit
mssecure
mssecure
Ghost in the shell: Investigating web shell attacks
2020-02-04 17:30:40
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00