SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote malicious users to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jelsoft vbulletin 3.0.0 |
||
jelsoft vbulletin 3.0.4 |
||
jelsoft vbulletin 3.0.5 |
||
jelsoft vbulletin 3.0.0_beta_2 |
||
jelsoft vbulletin 3.0.0_can4 |
||
jelsoft vbulletin 3.0.6 |
||
jelsoft vbulletin 3.0_beta_2 |
||
jelsoft vbulletin 3.0.0_rc4 |
||
jelsoft vbulletin 3.0.1 |
||
jelsoft vbulletin 3.0.2 |
||
jelsoft vbulletin 3.0.3 |