VYPR
Unrated severityNVD Advisory· Published May 27, 2025· Updated May 27, 2025

CVE-2025-48827

CVE-2025-48827

Description

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jelsoft/Vbulletinllm-fuzzy2 versions
    5.0.0 - 5.7.5, 6.0.0 - 6.0.3+ 1 more
    • (no CPE)range: 5.0.0 - 5.7.5, 6.0.0 - 6.0.3
    • (no CPE)range: 5.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.