Security Advisory

CVE-2008-6255

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-02-24 18:00:00

Last updated 2024-08-07 11:20:25

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.

← Browse all CVEs View on cve.org ↗