EUVD-2014-2074

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SQL injection in vBulletin allows remote authenticated users to execute arbitrary SQL commands.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2014-2022	15 Oct 201414:55	–	attackerkb
CVE	CVE-2014-2022	15 Oct 201414:00	–	cve
Cvelist	CVE-2014-2022	15 Oct 201414:00	–	cvelist
Exploit DB	vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection	12 Oct 201400:00	–	exploitdb
exploitpack	vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection	12 Oct 201400:00	–	exploitpack
NVD	CVE-2014-2022	15 Oct 201414:55	–	nvd
Packet Storm	vBulletin 4.x SQL Injection	13 Oct 201400:00	–	packetstorm
Prion	Sql injection	15 Oct 201414:55	–	prion
SUSE CVE	SUSE CVE-2014-2022	13 May 202302:10	–	susecve

[
  {
    "enisaIdVendor": [
      {
        "id": "c7327076-344f-34c2-8583-181698e31a87",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1e71aa25-c356-3e3a-9bcd-42272999104b",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2014-2022
securitytracker	www.securitytracker.com/id/1031001
securityfocus	www.securityfocus.com/bid/70417
packetstormsecurity	www.packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html
github	www.github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022
seclists	www.seclists.org/fulldisclosure/2014/Oct/56
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.4High risk

Vulners AI Score9.4

CVSS 27.1

EPSS0.00931

sql injection vbulletin vulnerability remote access xmlrpc api