Arbitrary PHP Code Execution in Jelsoft vBulletin via Templatecache Parameter
CVE-2001-0475 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.
Learn more about our Web Application Penetration Testing UK.