VBulletin 'update_order' Parameter SQL Injection Vulnerability

Bugtraq ID: 61449
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jul 24 2013 12:00AM
Updated: Jul 24 2013 12:00AM
Credit: n3tw0rk
Vulnerable: VBulletin VBulletin 4.0.2
VBulletin VBulletin 4.0.1
VBulletin VBulletin 4.0 PL 1
VBulletin VBulletin 4.0.8 PL3
VBulletin VBulletin 4.0.8
VBulletin VBulletin 4.0.7 PL1
VBulletin VBulletin 4.0.6 PL1
VBulletin VBulletin 4.0.5 PL1
VBulletin VBulletin 4.0.4 PL2
VBulletin VBulletin 4.0.3 PL2
VBulletin VBulletin 4.0.2 PL5
VBulletin VBulletin 4.0.2 PL 4
VBulletin VBulletin 4.0.2 PL 3
VBulletin VBulletin 4.0.2 PL 2
VBulletin VBulletin 4.0.1 PL1
VBulletin VBulletin 4.0.0 PL2
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus