CVE Vulnerabilities

CVE-2001-0475

Published: Jun 27, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.

Affected Software

Name Vendor Start Version End Version
Vbulletin Jelsoft * 1.1.5
Vbulletin Jelsoft * 2.0_beta_2

References