3 matches found
CVE-2014-2022
CVE-2014-2022 affects vBulletin 4.x (including 4.2.2, 4.2.1, 4.2.0 PL2 and earlier). The vulnerability is an SQL injection in breadcrumbs_create.php via the conceptid argument in the xmlrpc API, caused by insufficient input sanitization. Impact per sources is arbitrary SQL execution with remote a...
vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection
vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API post-auth ============================================================================== Overview -------- date : 10/12/2014 cvss : 7.1...
vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection
CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API post-auth ============================================================================== Overview -------- date : 10/12/2014 cvss : 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C base cwe : 89 vendor : vBulletin Solutions product : vBulletin 4...