Vulnerability Details CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v2 Score 6.0
References
- http://osvdb.org/34070
- http://secunia.com/advisories/24503
- http://www.securityfocus.com/archive/1/462963/100/0/threaded
- http://www.vbulletin.com/forum/project.php?issueid=21615
- http://osvdb.org/34070
- http://secunia.com/advisories/24503
- http://www.securityfocus.com/archive/1/462963/100/0/threaded
- http://www.vbulletin.com/forum/project.php?issueid=21615