Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter. NOTE: the vendor has disputed this vulnerability, saying "The default vBulletin requires authentication prior to the usage of the upgrade system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jelsoft vBulletin 'upgrade_301.php'PHP远程文件包含漏洞
Vulnerability Description
** 有争议 ** Jelsoft vBulletin 3.5.4的install/upgrade_301.php脚本存在PHP远程文件包含漏洞,远程攻击者可借助step参数中的URL执行任意PHP代码。注:厂商对此漏洞存在争议,称"默认情况下,vBulletin在使用更新之前需要认证"。
CVSS Information
N/A
Vulnerability Type
N/A