2012-08-28 16:00:00
mitre
PUBLISHED
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.