Description
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ViRuSMaN · textwebappsphp
https://www.exploit-db.com/exploits/11526
References (4)
Core 4
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/11526
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56439
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/1002-exploits/vbseo-lfi.txt
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0442
Scores
EPSS
0.0135
EPSS Percentile
80.2%
Details
CWE
CWE-22
Status
published
Products (1)
vbseo/vbseo
3.1.0
Published
Mar 23, 2010
Tracked Since
Feb 18, 2026