CVE-2025-48828 PoC — Internet Brands vBulletin 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-48828.yaml

Associated Vulnerability

Title:Internet Brands vBulletin 安全漏洞 (CVE-2025-48828)
Description:Internet Brands vBulletin是Internet Brands公司的一个论坛插件。 Internet Brands vBulletin存在安全漏洞，该漏洞源于模板条件可能被滥用执行任意PHP代码。

Description

vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution (RCE) vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted <vb:if> conditional that executes arbitrary PHP code via passthru($_POST[<param>]), and triggering it with a second request to ajax/render/ad_<location>, attackers can run arbitrary commands on the server as the webserver user.

File Snapshot


 id: CVE-2025-48828

info:
  name: vBulletin replaceAdTemplate - Remote Code Execution
  author: Dhiy

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!