VULHUB ™

It is reported that the "Last 10 Posts" script for vBulletin is susceptible to an SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to utilizing it in an SQL query. An attacker can exploit this issue to manipulate and inject SQL queries into the underlying database. It may be possible to leverage this issue to steal database contents including user credentials as well as to attack the underlying database. Version 2.0.1 is reported susceptible to this vulnerability. Other versions may also be affected.

It is reported that the "Last 10 Posts" script for vBulletin is susceptible to an SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to utilizing it in an SQL query. An attacker can exploit this issue to manipulate and inject SQL queries into the underlying database. It may be possible to leverage this issue to steal database contents including user credentials as well as to attack the underlying database. Version 2.0.1 is reported susceptible to this vulnerability. Other versions may also be affected.