• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RETIRED: vBulletin 'faq.php' SQL Injection Vulnerability

Bugtraq ID:	29293
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	May 20 2008 12:00AM
Updated:	May 21 2008 08:34PM
Credit:	Ali Jasbi
Vulnerable:	VBulletin VBulletin 3.7 Gold VBulletin VBulletin 3.6.8 VBulletin VBulletin 3.6.7 VBulletin VBulletin 3.6.6 VBulletin VBulletin 3.6.5 VBulletin VBulletin 3.6.4 VBulletin VBulletin 3.6.3 VBulletin VBulletin 3.6.2 VBulletin VBulletin 3.6.1 VBulletin VBulletin 3.6 VBulletin VBulletin 3.5.4 VBulletin VBulletin 3.5.3 VBulletin VBulletin 3.5.2 VBulletin VBulletin 3.5.1 VBulletin VBulletin 3.0.15 VBulletin VBulletin 3.0.14 VBulletin VBulletin 3.0.12 VBulletin VBulletin 3.0.11 VBulletin VBulletin 3.0.10 VBulletin VBulletin 3.0.9 VBulletin VBulletin 3.0.8 VBulletin VBulletin 3.0.7 VBulletin VBulletin 3.0.6 VBulletin VBulletin 3.0.5 VBulletin VBulletin 3.0.4 VBulletin VBulletin 3.0.3 VBulletin VBulletin 3.0.2 VBulletin VBulletin 3.0.1 VBulletin VBulletin 3.0 Gamma VBulletin VBulletin 3.0 beta 7 VBulletin VBulletin 3.0 beta 6 VBulletin VBulletin 3.0 beta 5 VBulletin VBulletin 3.0 beta 4 VBulletin VBulletin 3.0 beta 3 VBulletin VBulletin 3.0 beta 2 VBulletin VBulletin 3.0 VBulletin VBulletin 3.5.x VBulletin VBulletin 3.5.x
Not Vulnerable: