CVE-2005-0429 Information

Description

Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4 when showforumusers is enabled allows remote attackers to execute inject arbitrary PHP commands via the comma parameter.

Reference

http://marc.info/?l=bugtraq&m=110840807415315&w=2 http://www.securityfocus.com/bid/12542