Arbitrary Code Execution Vulnerability in VBSEO Module for vBulletin

Arbitrary Code Execution Vulnerability in VBSEO Module for vBulletin

CVE-2014-9463 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.

Learn more about our User Device Pen Test.