Security Advisory

CVE-2013-6129

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-10-19 10:00:00

Last updated 2024-09-16 18:17:47

Assigner mitre

State PUBLISHED

Description

The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] parameters, as exploited in the wild in October 2013.

← Browse all CVEs View on cve.org ↗