vBulletin: Security Vulnerabilities

Certain vBulletin versions allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. The engine's safety check recognises a function call only as a bare function name followed by a parenthesis; writing the call in PHP's alternative invocation syntax, such as "var_dump"("test") (a string literal called as a function), slips past that check and executes arbitrary PHP code. Exploited in the wild in May 2025. Template conditions are normally editable only from the Admin CP, so reaching this bug from outside depends on a separate way to write templates without that privilege; this entry does not enumerate the affected versions.
CVSS Score: 9.0 | EPSS Score: 0.609 | Published: 2025-05-27

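As an added example (not vBulletin's code), the following PHP models the kind of check this entry describes being bypassed: a filter that only recognises a call when a bare identifier precedes `(`, beside a token-level check that treats any callee-like token before `(` as a call. The function names, the allowlist and the sample conditions are assumptions; PHP 8 is assumed for the T_NAME_* and T_NULLSAFE_OBJECT_OPERATOR constants.

```php
<?php
// Added example, not vBulletin code. Function names, the allowlist and the
// sample conditions are assumptions chosen to illustrate the bypass. Needs PHP 8.

const ALLOWED_FUNCTIONS = ['in_array', 'count', 'is_array', 'empty', 'isset', 'strlen'];

// Naive check: a call is "identifier followed by (". Anything else that PHP will
// happily call, such as the string literal in "var_dump"("test"), is invisible to it.
function naiveConditionIsSafe(string $cond): bool
{
    preg_match_all('/\b([A-Za-z_][A-Za-z0-9_]*)\s*\(/', $cond, $m);
    foreach ($m[1] as $name) {
        if (!in_array(strtolower($name), ALLOWED_FUNCTIONS, true)) {
            return false;
        }
    }
    return true;
}

// Token-level check: walk PHP's own token stream. Reject constructs that have no
// business in a condition, and treat every "(" as a call whenever the token before
// it could be a callee (string literal, variable, qualified name, closing bracket).
function tokenConditionIsSafe(string $cond): bool
{
    $forbidden = [T_EVAL, T_INCLUDE, T_INCLUDE_ONCE, T_REQUIRE, T_REQUIRE_ONCE,
        T_FUNCTION, T_FN, T_NEW, T_OBJECT_OPERATOR, T_NULLSAFE_OBJECT_OPERATOR,
        T_DOUBLE_COLON, T_CURLY_OPEN, T_DOLLAR_OPEN_CURLY_BRACES];
    $calleeLike = [T_VARIABLE, T_CONSTANT_ENCAPSED_STRING, T_NAME_QUALIFIED,
        T_NAME_FULLY_QUALIFIED, T_NAME_RELATIVE];
    $prev = null;
    foreach (token_get_all('<?php ' . $cond . ';') as $tok) {
        if (is_array($tok)) {
            if (in_array($tok[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)) {
                continue; // whitespace and comments never separate a callee from its "("
            }
            if (in_array($tok[0], $forbidden, true)) {
                return false;
            }
        } elseif ($tok === '`') {
            return false; // backtick shell execution
        } elseif ($tok === '(') {
            if (is_array($prev)) {
                if (in_array($prev[0], $calleeLike, true)) {
                    return false;
                }
                if ($prev[0] === T_STRING && !in_array(strtolower($prev[1]), ALLOWED_FUNCTIONS, true)) {
                    return false;
                }
            } elseif (in_array($prev, [')', ']', '}', '"'], true)) {
                return false; // (expr)(...), $a[0](...), "$f"(...)
            }
        }
        $prev = $tok;
    }
    return true;
}

// Returns [condition => [naive verdict, token verdict]].
function demo(): array
{
    $cases = [
        'in_array($foo, $bar)',   // legitimate, both accept
        '!(count($a) > 1)',       // grouping parenthesis, both accept
        'var_dump("test")',       // both reject
        '"var_dump"("test")',     // the bypass: naive accepts, token check rejects
        '$a["f"]("test")',        // array element as callable: naive accepts, token check rejects
    ];
    $out = [];
    foreach ($cases as $cond) {
        $out[$cond] = [naiveConditionIsSafe($cond), tokenConditionIsSafe($cond)];
    }
    return $out;
}
```

`demo()` returns the five verdict pairs; the fourth and fifth conditions are where the two checks disagree. The general point is that a filter built on PHP's tokenizer has to treat every `(` as a potential call and ask what precedes it, rather than looking only for bare names; even then, evaluating attacker-controlled template logic is a design risk that an allowlist only narrows.
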
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allow unauthenticated users to invoke protected API controller methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern. The API front controller resolves the requested method through PHP reflection and has no visibility check of its own; it relied on the reflective call failing for non-public methods, and PHP 8.1 changed reflection to ignore visibility, so protected methods became reachable from the request. Exploited in the wild in May 2025. Pinning an older PHP is at most a stopgap; the fix is on the vBulletin side.
CVSS Score: 10.0 | EPSS Score: 0.66 | Published: 2025-05-27

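As an added example (not vBulletin's code), the following PHP shows the dispatch pattern this entry describes and why PHP 8.1 changed its outcome: a front controller that maps ?method=<name> to a controller method through reflection and relies on the reflective call failing for non-public methods, beside a dispatcher that checks visibility and an opt-in list explicitly. The class, method and function names are assumptions.

```php
<?php
// Added example, not vBulletin code. Class, method and function names are
// assumptions; the request parameter name mirrors the /api.php?method= pattern.

class ExampleController
{
    public function listItems(): string
    {
        return 'listItems: public, intended to be reachable';
    }

    protected function rebuildCache(): string
    {
        return 'rebuildCache: protected, intended for internal callers only';
    }
}

// Fragile dispatch. It has no visibility check of its own: before PHP 8.1,
// ReflectionMethod::invoke() on a protected method threw a ReflectionException
// unless setAccessible(true) had been called, and that exception was the only
// thing standing between ?method=rebuildCache and the method. PHP 8.1 made
// reflection ignore visibility, so the same code now invokes it.
function dispatchFragile(object $ctl, string $method): string
{
    if (!method_exists($ctl, $method)) {
        return 'error: unknown method';
    }
    try {
        return (new ReflectionMethod($ctl, $method))->invoke($ctl);
    } catch (ReflectionException $e) {
        return 'error: not accessible';
    }
}

// Hardened dispatch: decide from an explicit opt-in list and the method's
// declared visibility, so the answer does not depend on runtime semantics.
const EXPOSED_METHODS = ['listItems'];

function dispatchChecked(object $ctl, string $method): string
{
    if (!method_exists($ctl, $method) || !in_array($method, EXPOSED_METHODS, true)) {
        return 'error: unknown method';
    }
    $rm = new ReflectionMethod($ctl, $method);
    if (!$rm->isPublic() || $rm->isStatic() || str_starts_with($rm->getName(), '__')) {
        return 'error: not accessible';
    }
    return $rm->invoke($ctl);
}

// Simulates two requests against each dispatcher. On PHP >= 8.1 the fragile
// dispatcher returns the protected method's result for 'rebuildCache'.
function demo(): array
{
    $ctl = new ExampleController();
    return [
        'php'     => PHP_VERSION,
        'fragile' => ['listItems'    => dispatchFragile($ctl, 'listItems'),
                      'rebuildCache' => dispatchFragile($ctl, 'rebuildCache')],
        'checked' => ['listItems'    => dispatchChecked($ctl, 'listItems'),
                      'rebuildCache' => dispatchChecked($ctl, 'rebuildCache')],
    ];
}
```

Run `demo()` under PHP 8.0 and again under 8.1 or later: only the `fragile`/`rebuildCache` entry changes. The lesson is to never let a language runtime's error behaviour stand in for an authorization decision; the check has to be written down where the request is mapped to code.
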
A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the url parameter of /login.php?do=login. The injection point is on the admin login flow, so it is reachable without credentials, but the script runs in the browser of whoever follows the crafted link.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-09-16

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. The root cause is that verify_serialized decides whether a value is serialized by calling unserialize() on it and then checking for errors, so attacker-controlled data is deserialized, and any gadget chain inside it runs, as a side effect of the validation itself. The fixed versions are 5.6.7 PL1, 5.6.8 PL1 and 5.6.9 PL1.
CVSS Score: 9.8 | EPSS Score: 0.929 | Published: 2023-02-03

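As an added example (not vBulletin's code), the following PHP reproduces the anti-pattern this entry names: a verify_serialized-style check that answers "is this serialized?" by calling unserialize(), with a gadget's magic method firing during the check itself, beside a variant that performs the same structural check with class instantiation disabled. The class and function names are assumptions.

```php
<?php
// Added example, not vBulletin code. ExampleGadget stands in for any class on
// the autoload path whose magic method has side effects; names are assumptions.

class ExampleGadget
{
    public string $cmd = '';

    // Runs automatically when an instance is rebuilt by unserialize().
    // A real gadget chain would write a file or execute $this->cmd here.
    public function __wakeup(): void
    {
        throw new RuntimeException('gadget __wakeup ran with cmd=' . $this->cmd);
    }
}

// Anti-pattern: "validate" by deserializing. The payload's objects are
// instantiated, and their magic methods run, before the boolean is computed.
function verifySerializedUnsafe(string $value): bool
{
    if ($value === serialize(false)) {
        return true; // the one input for which unserialize() legitimately returns false
    }
    return @unserialize($value) !== false;
}

// Same structural check, but no class is ever instantiated: with
// allowed_classes => false every object becomes __PHP_Incomplete_Class,
// whose creation runs no user code. Better still, do not accept PHP
// serialization from untrusted input at all and use JSON instead.
function verifySerializedSafe(string $value): bool
{
    if ($value === serialize(false)) {
        return true;
    }
    return @unserialize($value, ['allowed_classes' => false]) !== false;
}

// Builds a gadget payload (serialize() does not trigger __wakeup) and runs
// both checks on it. Returns what each one did.
function demo(): array
{
    $g = new ExampleGadget();
    $g->cmd = 'id';
    $payload = serialize($g); // O:13:"ExampleGadget":1:{s:3:"cmd";s:2:"id";}

    try {
        $unsafe = verifySerializedUnsafe($payload) ? 'valid' : 'invalid';
    } catch (RuntimeException $e) {
        $unsafe = 'code ran during validation: ' . $e->getMessage();
    }
    $safe = verifySerializedSafe($payload) ? 'valid' : 'invalid';

    return ['unsafe' => $unsafe, 'safe' => $safe];
}
```

`demo()` shows the unsafe check never returning a verdict because the gadget's `__wakeup` has already run, while the safe check reports the same payload as structurally valid without executing anything. Note that `allowed_classes => false` only prevents instantiation; it does not make the data trustworthy, and code that later passes the validated string to an unrestricted unserialize() reintroduces the bug.
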
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759; the earlier patch blocked the direct route to the PHP widget, but the tabbed-container widget could still load it as a child widget through subWidgets. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496; CVE-2020-17496 is the preferred CVE ID to track this vulnerability.
CVSS Score: 9.8 | EPSS Score: 0.899 | Published: 2020-10-30

The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2020-09-03

The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2020-09-03

The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2020-09-03

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2020-09-03

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2020-09-03

Shodan ® - All rights reserved