NOMISEC-FarjaalAhmad/CVE-2019-16759

NOMISEC WORKING POC

Exploit for CVE-2019-16759 - vBulletin 5.x /ajax/render/widget_tabbedcontainer_tab_panel PHP remote code execution.

AI Analysis

This repository contains a functional exploit for CVE-2019-16759, which targets an unauthenticated remote code execution vulnerability in vBulletin versions 5.0 to 5.5.4 via the 'widget_php' parameter. The exploit sends crafted POST requests to execute arbitrary commands on the target system.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 2

https://github.com/FarjaalAhmad/CVE-2019-16759

Stars 4

Forks 0

Last Push Oct 12, 2019

Authors

FarjaalAhmad

Vulnerability

CVE-2019-16759

vBulletin 5.x /ajax/render/widget_tabbedcontainer_tab_panel PHP remote code execution.

CRITICAL KEV

CVSS 9.8