CVE-2010-1077 Information

Description

Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.

Reference

http://packetstormsecurity.org/1002-exploits/vbseo-lfi.txt http://www.exploit-db.com/exploits/11526 http://www.vupen.com/english/advisories/2010/0442 https://exchange.xforce.ibmcloud.com/vulnerabilities/56439 vbseo-vbseourl-file-include(56439) Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.