| VID |
21361 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The vBulletin installed on the remote web server, according to its version number, has an 'item_number' variable SQL Injection Vulnerability.
vBulletin is a PHP-based Web forum developed by Jelsoft Enterprises that uses a MySQL database. vBulletin versions 3.0 through 3.0.3 are vulnerable to a SQL Injection Vulnerability, caused by a failure of the application to properly validate user-supplied input prior to including it in an SQL query. By embedding malicious SQL code in the '$item_number' variable in a specially-crafted POST request when verifying a user's subscription, a remote attacker could add, modify or delete data in the backend database.
* Note: This check solely relied on the version number of the remote vBulletin to assess this vulnerability, so this might be a false positive.
* References:
http://www.securiteam.com/unixfocus/5BP0E15E0M.html
* Platforms Affected:
Jelsoft Enterprises Limited, vBulletin 3.0 through 3.0.3
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of September 2004.
Upgrade to the fixed version of vBulletin, when new fixed version becomes available from the vBulletin Download page at http://www.vbulletin.com/download.php |
| Related URL |
CVE-2004-2695 (CVE) |
| Related URL |
11193 (SecurityFocus) |
| Related URL |
17365 (ISS) |
|
