CVE-2025-48827 – vBulletin Unauthenticated API Controller Method Invocation Vulnerability

May 27, 2025

CVE ID : CVE-2025-48827

Published : May 27, 2025, 4:15 a.m. | 50 minutes ago

Description : vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers’ methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48793 – Fortinet SSL/TLS Implementation Vulnerability

Next Article CVE-2025-48792 – Oracle WebLogic Server Unvalidated Redirect

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

ZeniMax QA testers face whiplash and “rancid” work morale following Microsoft’s gaming layoffs — but the union still fights

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

CVE-2025-48827 – vBulletin Unauthenticated API Controller Method Invocation Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Kettering Health Hit by Cyberattack: Network Outage and Scam Calls Reported

Rilasciato Incus 6.12: Novità per Container e Macchine Virtuali su GNU/Linux

A Step-by-Step Coding Implementation of an Agent2Agent Framework for Collaborative and Critique-Driven AI Problem Solving with Consensus-Building

L’Europol punta non solo alla fine della crittografia ma anche ai tuoi metadati

CVE-2025-5578 – PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

“In this next chapter with Xbox, we’re not just pushing pixels. We’re reimagining what’s possible” — AMD comments on its partnership with Microsoft

This iOS 26 feature makes the iPhone 17 Air a more reasonable upgrade for me

CVE-2024-5962 – WSO2 WSO2 Reflected Cross-Site Scripting (XSS) Vulnerability

CVE-2025-48827 – vBulletin Unauthenticated API Controller Method Invocation Vulnerability

Related Posts