Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Critical RCE Vulnerability in vBulletin via PHP Reflection API Bypass
Malware and Vulnerabilities
May 26, 2025
karmainsecurity
A critical vulnerability in vBulletin versions 5.x and 6.x running on PHP 8.1 or later allows unauthenticated attackers to invoke protected methods remotely, leading to remote code execution (RCE).
Read More
vBulletin
PHP 8.1
Reflection API
Remote Code Execution
Template Injection
Publisher
Previous
Oracle TNS Flaw Exposes System Memory to Unauthorized A ...
Malware and Vulnerabilities
Next
D-Link Routers Exposed by Hard-Coded Telnet Credentials
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/fbaa_shutterstock_1425817064.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/9548_shutterstock_1522806839.jpg)
