Security Advisory

CVE-2014-5102

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-07-25 19:00:00

Last updated 2024-08-06 11:34:37

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

← Browse all CVEs View on cve.org ↗