exploit
intel
Search
Researchers
Blog
Stats
Labs
CLI
MCP
API
Limits
About
Privacy
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Theme
Color Theme
Cyan
Amber
Milw0rm
Light Warm
Paper
Navy
Blog
Statistics
Labs
CLI Tool
MCP Server
API Documentation
Rate Limits
About
Privacy
Exploit Database
Researchers
CWE Categories
Vendors
Ecosystems
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Follow:
Theme:
Home
/
Researchers
/
polar1s7
polar1s7
1
exploit
Active since Sep 2019
CVE-2019-16759
NOMISEC
CRITICAL
WORKING POC
vBulletin 5.x /ajax/render/widget_tabbedcontainer_tab_panel PHP remote code execution.
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
CVSS 9.8
View Code