Описание
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin before 3.6.6 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached After" field (GPC['search']['datelineafter'] variable), a related issue to CVE-2007-1573.
Уязвимые конфигурации
Конфигурация 1Версия до 3.6.5 (включая)
cpe:2.3:a:jelsoft:vbulletin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00444
Низкий
8.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin before 3.6.6 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached After" field (GPC['search']['datelineafter'] variable), a related issue to CVE-2007-1573.
EPSS
Процентиль: 63%
0.00444
Низкий
8.5 High
CVSS2
Дефекты
NVD-CWE-Other