CVE-2005-0429

vBulletin 3.0-3.0.4 - Remote Code Execution via Comma Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-0429. PoCs published by AL3NDALEEB.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in vBulletin 3.0.x by manipulating the GLOBALS array via a crafted URL. It executes arbitrary commands on the server by injecting them into the forumdisplay.php script under specific conditions.

Description

Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to inject arbitrary PHP commands via the comma parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED
by AL3NDALEEB · php · webapps · php
https://www.exploit-db.com/exploits/820

This exploit leverages a command injection vulnerability in vBulletin 3.0.x by manipulating the GLOBALS array via a crafted URL. It executes arbitrary commands on the server by injecting them into the forumdisplay.php script under specific conditions.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: vBulletin 3.0.0 to 3.0.4
No auth needed
Prerequisites: showforumusers enabled · guest access · at least one user in the forum · magic_quotes_gpc disabled
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by AL3NDALEEB · text · webapps · php
https://www.exploit-db.com/exploits/818

This exploit leverages a vulnerability in vBulletin's forumdisplay.php by injecting a system command via the GLOBALS array. It requires specific conditions such as magic_quotes_gpc being off and the target being a guest user.

Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: vBulletin (version not specified)
No auth needed
Prerequisites: vboptions['showforumusers'] must be True · User must be a guest · Forum must have at least one user · magic_quotes_gpc must be OFF
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Mailing List (mailing-list, x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=110840807415315&w=2
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/12542

Scores

EPSS 0.0193
EPSS Percentile 77.4%

Details

Status published
Products (5)
jelsoft/vbulletin 3.0
jelsoft/vbulletin 3.0.1
jelsoft/vbulletin 3.0.2
jelsoft/vbulletin 3.0.3
jelsoft/vbulletin 3.0.4
Published May 02, 2005
Tracked Since Feb 18, 2026