2 matches found
CVE-2004-2695
The CVE-2004-2695 entry describes an SQL injection in Jelsoft vBulletin 3.0–3.0.3, exploitable via the x_invoice_num parameter in subscriptions/authorize.php. This allows remote attackers to execute arbitrary SQL statements. The CVE entry notes a possible relation to CVE-2006-4267, which is indep...
CVE-2004-2695
SQL injection vulnerability in the Authorize.net callback code subscriptions/authorize.php in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via the xinvoicenum parameter. NOTE: this issue might be related to CVE-2006-4267...