The Latest in IT Security

Hacker Releases Exploit for vBulletin Zero-Day Vulnerability

25
Sep
2019

A proof-of-concept (PoC) exploit for the zero-day was published on the Full Disclosure mailing list by an individual who wanted to remain anonymous. It’s unclear why they have decided to release the information before vBulletin developers could create a patch.

The vulnerability, to which MITRE assigned the CVE identifier CVE-2019-16759, is said to affect vBulletin 5.x through 5.5.4 (the latest version), and it allows an unauthenticated attacker to execute arbitrary commands by sending a specially crafted HTTP POST request to the targeted vBulletin website.

Read More

Comments are closed.

Categories

TUESDAY, NOVEMBER 19, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments