CVE-2002-1660

Jelsoft Vbulletin < 2.1.9 - OS Command Injection

Title source: rule

Description

calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by gosper · textwebappsphp
https://www.exploit-db.com/exploits/21874

References (4)

Scores

EPSS 0.1174
EPSS Percentile 93.6%

Classification

CWE
CWE-78
Status draft

Affected Products (1)

jelsoft/vbulletin < 2.1.9

Timeline

Published Dec 31, 2002
Tracked Since Feb 18, 2026