CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2020-17496	High	94.2%	vBulletinvBulletin	The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.	Nov 3, 2021	KEV
CVE-2019-16759	High 9.8	94.4%	vBulletinvBulletin	The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.	Nov 3, 2021	KEVExploit

CVE-2020-17496KEV

High

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.

vBulletinEPSS 94.2%

CVE-2019-16759KEV

High

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

vBulletinCVSS 9.8EPSS 94.4%

Exploit