NuytsTech Security

CVE-2013-3527

by ·

Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest.

Date published : 2013-05-10

http://www.securityfocus.com/bid/58922

http://archives.neohapsis.com/archives/bugtraq/2013-04/0068.html

Tags: