THREATOPS
THREAT OPSCVEs › CVE-2019-16759

CVE-2019-16759 — vBulletin PHP Module Remote Code Execution Vulnerability

CISA KEVExploited: confirmedvBulletin

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Vulnerability details