CVE-2019-16759

⚠ KEVEPSS 94.4%

vBulletin PHP Module Remote Code Execution Vulnerability

Added to CISA KEV: 11/3/2021

Description

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Affected packages (0)

No package mapping in OSV.