THREAT OPS › CVEs › CVE-2020-17496
CVE-2020-17496 — vBulletin PHP Module Remote Code Execution Vulnerability
The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.
Vulnerability details
- Affected productsvBulletin
- KEV remediation due2022-05-03