CVE-2013-6129

EXPLOITED IN THE WILD

Vbulletin - Access Control

Title source: rule

Description

The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] parameters, as exploited in the wild in October 2013.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Joshua Rogers · perlwebappsphp

https://www.exploit-db.com/exploits/38785

View Code ZIP pw:eip

metasploit WORKING POC

by Unknown, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb

View Code ZIP pw:eip

References (2)

[Exploit] http://www.net-security.org/secworld.php?id=15743

[Vendor Advisory] http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5

Scores

EPSS 0.7819

EPSS Percentile 99.0%

Details

VulnCheck KEV 2013-10-19

InTheWild.io 2013-11-21

CWE

CWE-264

Status published

Products (2)

vbulletin/vbulletin 4.1

vbulletin/vbulletin 5.0.0

Published Oct 19, 2013

Tracked Since Feb 18, 2026