CVE-2008-6255
VBulletin 3.7.4 contains multiple SQL injection vulnerabilities that allow a remote authenticated administrator to execute arbitrary SQL commands via three parameters: (1) answer in admincp/verify.php, (2) extension in an edit action to admincp/attachmentpermission.php, and (3) iperm in admincp/i...