CVE-2019-16759CISA KEV: Actively Exploited

vBulletin PHP Module Remote Code Execution Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Public Exploits & PoCs12 found

PoC: CVE-2019-16759

vBulletin 5.x 未授权远程代码执行漏洞

20

PoC: vbulletin5-rce

CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce

19

PoC: CVE-2019-16759

This tools will extracts and dumps Email + SMTP from vBulletin database server

5

PoC: CVE-2019-16759-Vbulletin-rce-exploit

Vbulletin rce exploit CVE-2019-16759

5

PoC: pwn-vbulletin

Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan (CVE-2019-16759)

2

PoC: CVE-2019-16759

Interactive-Like Command-Line Console for CVE-2019-16759

2

PoC: http-vuln-CVE-2019-16759

Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759

2

PoC: vBulletin_Routestring-RCE

(CVE-2019-16759) vBulletin_Routestring-RCE

1

PoC: CVE-2019-16759

Vbulletin RCE Exploit

1

PoC: CVE-2019-16759

Vbulletin RCE Exploits

PoC: CVE-2019-16759

Vbulletin RCE Exploits

PoC: vbull

Mass Exploit CVE-2019-16759

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free