|
|
CVE Reference: CVE-2008-6255 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-6255 |
|
|
Description: Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/46682 SAID Secunia Advisory: SA32775 MISC http://www.waraxe.us/advisory-69.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/498390/100/0/threaded |
|
| Return to the previous page. |
