Summary
The remote host is running vBulletin, a web based bulletin board system written in PHP.
The remote version of this software is vulnerable to remote command execution flaw throught the script 'forumdisplay.php'.
A malicious user could exploit this flaw to execute arbitrary command on the remote host with the privileges of the web server.
Solution
Upgrade vBulletin 3.0.4 or newer
Severity
Classification
-
CVE CVE-2005-0429 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Tomcat Directory Listing and File disclosure
- @Mail WebMail Email Body HTML Injection Vulnerability
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities