POC详情: 6dc462fc3ba6a7fe8a183e2dd1814db60aa97f1a

来源
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vbulletin/vbulletin-replacead-rce.yaml
关联漏洞

疑似Oday

描述
vBulletin versions 5.1.0 through 6.0.3 contain a Remote Code Execution (RCE) vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP’s Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted <vb:if> conditional that executes arbitrary PHP code via passthru($_POST[<param>]), and triggering it with a second request to ajax/render/ad_<location>, attackers can run arbitrary commands on the server as the webserver user.
文件快照

 id: vbulletin-replacead-rce

info:
  name: vBulletin replaceAdTemplate - Remote Code Execution
  aut

...
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。