CVE-2005-0511
First published: Mon Feb 21 2005(Updated: )
misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jelsoft vBulletin | =2.2.0 | |
| Jelsoft vBulletin | =3.0.4 | |
| Jelsoft vBulletin | =3.0.0_rc4 | |
| Jelsoft vBulletin | =2.3.0 | |
| Jelsoft vBulletin | =3.0.1 | |
| Jelsoft vBulletin | =2.2.9_can | |
| Jelsoft vBulletin | =3.0.0_beta_2 | |
| Jelsoft vBulletin | =3.0.6 | |
| Jelsoft vBulletin | =2.2.1 | |
| Jelsoft vBulletin | =2.0.2 | |
| Jelsoft vBulletin | =2.0 | |
| Jelsoft vBulletin | =2.0.1 | |
| Jelsoft vBulletin | =2.2.7 | |
| Jelsoft vBulletin | =3.0.0_can4 | |
| Jelsoft vBulletin | =2.0_beta_2 | |
| Jelsoft vBulletin | =2.2.4 | |
| Jelsoft vBulletin | =3.0_beta_2 | |
| Jelsoft vBulletin | =2.2.2 | |
| Jelsoft vBulletin | =2.2.5 | |
| Jelsoft vBulletin | =2.0_beta_3 | |
| Jelsoft vBulletin | =3.0.0 | |
| Jelsoft vBulletin | =2.2.6 | |
| Jelsoft vBulletin | =3.0.2 | |
| Jelsoft vBulletin | =3.0.3 | |
| Jelsoft vBulletin | =3.0.5 | |
| Jelsoft vBulletin | =2.2.8 | |
| Jelsoft vBulletin | =2.3.4 | |
| Jelsoft vBulletin | =2.2.3 | |
| Jelsoft vBulletin | =2.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/jelsoft
- vendor/vbulletin
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- canonical/jelsoft vbulletin
- version/jelsoft vbulletin/2.2.0
- version/jelsoft vbulletin/3.0.4
- version/jelsoft vbulletin/3.0.0_rc4
- version/jelsoft vbulletin/2.3.0
- version/jelsoft vbulletin/3.0.1
- version/jelsoft vbulletin/2.2.9_can
- version/jelsoft vbulletin/3.0.0_beta_2
- version/jelsoft vbulletin/3.0.6
- version/jelsoft vbulletin/2.2.1
- version/jelsoft vbulletin/2.0.2
- version/jelsoft vbulletin/2.0
- version/jelsoft vbulletin/2.0.1
- version/jelsoft vbulletin/2.2.7
- version/jelsoft vbulletin/3.0.0_can4
- version/jelsoft vbulletin/2.0_beta_2
- version/jelsoft vbulletin/2.2.4
- version/jelsoft vbulletin/3.0_beta_2
- version/jelsoft vbulletin/2.2.2
- version/jelsoft vbulletin/2.2.5
- version/jelsoft vbulletin/2.0_beta_3
- version/jelsoft vbulletin/3.0.0
- version/jelsoft vbulletin/2.2.6
- version/jelsoft vbulletin/3.0.2
- version/jelsoft vbulletin/3.0.3
- version/jelsoft vbulletin/3.0.5
- version/jelsoft vbulletin/2.2.8
- version/jelsoft vbulletin/2.3.4
- version/jelsoft vbulletin/2.2.3
- version/jelsoft vbulletin/2.3.3