CVE-2025-48828

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting...

Basic Information

CVE State
PUBLISHED
Reserved Date
May 27, 2025
Published Date
May 27, 2025
Last Updated
May 27, 2025
Vendor
vBulletin
Product
vBulletin
Description
Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "var_dump"("test") syntax, attackers can bypass security checks and execute arbitrary PHP code, as exploited in the wild in May 2025.
Tags
nuclei_scanner php

CVSS Scores

CVSS v3.1

9.0 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score

Score
8.74% (Percentile: 92.04%) as of 2025-06-20

SSVC Information

Exploitation
poc
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-05-26 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2025-05-23 00:00:00 UTC) Source

Known Exploited Vulnerability Information

Source Added Date
KEVIntel 2025-05-27 00:00:00 UTC

Recent Mentions

vBulletin Exploits (CVE-2025-48827, CVE-2025-48828), (Tue, Jun 3rd)

Source: SANS Internet Storm Center • Published: 2025-06-03 20:58:01 UTC

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies some common issues with patching and keeping your software up to date.

Scanner Integrations

Timeline

  • Proof of Concept Exploit Available

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nuclei