EUVD-2014-2075

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Multiple SQL injection flaws in Tapatalk plugin allow remote attackers to execute SQL commands.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2014-2023	26 Oct 201720:29	–	attackerkb
CVE	CVE-2014-2023	26 Oct 201720:00	–	cve
Cvelist	CVE-2014-2023	26 Oct 201720:00	–	cvelist
exploitpack	vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting	12 Oct 201400:00	–	exploitpack
exploitpack	vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection	12 Oct 201400:00	–	exploitpack
NVD	CVE-2014-2023	26 Oct 201720:29	–	nvd
OpenVAS	Tapatalk < 5.2.2 Blind SQLi Vulnerability	27 Nov 201400:00	–	openvas
Packet Storm	vBulletin 5.x / 4.x Persistent Cross Site Scripting	12 Oct 201400:00	–	packetstorm
Packet Storm	vBulletin 4.x SQL Injection	13 Oct 201400:00	–	packetstorm
Packet Storm	vBulletin 4.x Tapatalk Blind SQL Injection	27 Oct 201400:00	–	packetstorm

[
  {
    "enisaIdVendor": [
      {
        "id": "ece64b36-732b-39ee-975d-e8da4fed1e36",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "f05c7960-7535-30a4-99eb-d0e6c85e423c",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2014-2023
securityfocus	www.securityfocus.com/bid/70418
packetstormsecurity	www.packetstormsecurity.com/files/128854/vBulletin-4.x-Tapatalk-Blind-SQL-Injection.html
seclists	www.seclists.org/fulldisclosure/2014/Oct/57
exploit-db	www.exploit-db.com/exploits/35102
github	www.github.com/tintinweb/pub/tree/master/pocs/cve-2014-2023
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.3High risk

Vulners AI Score9.3

CVSS 39.8

CVSS 27.5

EPSS0.094