Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
vBulletin SQL注入漏洞
Vulnerability Description
vBulletin是美国Internet Brands和vBulletin Solutions公司共同开发的一款开源的商业Web论坛程序。 vBulletin中的includes/api/4/breadcrumbs_create.php脚本存在SQL注入漏洞。远程攻击者可借助xmlrpc API请求中的‘conceptid’参数利用该漏洞执行任意SQL命令。以下版本受到影响:vBulletin 4.2.2版本,4.2.1版本,4.2.0 PL2及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A