Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-48828 PoC — Internet Brands vBulletin 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-48828.yaml
Associated Vulnerability
Title:Internet Brands vBulletin 安全漏洞 (CVE-2025-48828)
Description:Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "var_dump"("test") syntax, attackers can bypass security checks and execute arbitrary PHP code, as exploited in the wild in May 2025.
Description
vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution (RCE) vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted <vb:if> conditional that executes arbitrary PHP code via passthru($_POST[<param>]), and triggering it with a second request to ajax/render/ad_<location>, attackers can run arbitrary commands on the server as the webserver user.
File Snapshot

 id: CVE-2025-48828

info:
  name: vBulletin replaceAdTemplate - Remote Code Execution
  author: Dhiy

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →