Vulnerability Details CVE-2006-2067
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/801
- http://securitytracker.com/id?1015977
- http://www.nukedx.com/?viewdoc=26
- http://www.securityfocus.com/archive/1/431759/100/0/threaded
- http://www.securityfocus.com/bid/17651
- http://securityreason.com/securityalert/801
- http://securitytracker.com/id?1015977
- http://www.nukedx.com/?viewdoc=26
- http://www.securityfocus.com/archive/1/431759/100/0/threaded
- http://www.securityfocus.com/bid/17651