CVE-2020-17496
vBulletin PHP Module Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
87.7%
p100
KEV
SÍ
3 nov 2021
Exploit Today
80
0-100
Publicado: — · Última mod.: —
87.7%EPSS · 30 días87.7%
2026-06-302026-07-16
Producto
vBulletin / vBulletin
Vulnerabilidad
vBulletin PHP Module Remote Code Execution Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
3 may 2022
Uso conocido en ransomware
No
Descripción resumida
The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2020-17496
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2019-16759—100.0%
KEV—80vBulletin PHP Module Remote Code Execution Vulnerability—