3 matches found
Sql injection
SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinforecurring parameter, a different vector than CVE-2005-3022...
CVE-2008-6256
SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinforecurring parameter, a different vector than CVE-2005-3022...
CVE-2008-6256
CVE-2008-6256 affects vBulletin up to 3.7.3.pl1 (admincalendar.php). The vulnerability is an SQL injection in admincp/admincalendar.php via the holidayinfo[recurring] parameter, allowing remote authenticated administrators with calendar access to execute arbitrary SQL commands. OpenVAS corroborat...