Retired: DeluxeBB and vBulletin Misc.PHP SQL Injection Vulnerability

Retired: DeluxeBB and vBulletin Misc.PHP SQL Injection Vulnerability

DeluxeBB and vBulletin are prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

The vulnerabilty described does not affect vBulletin, and was previously documented in BID 17989 (DeluxeBB SQL Injection Vulnerability) for DeluxeBB. Therefore this BID is being retired.