CVE-2014-2023 – Tapatalk for vBulletin 4.x – multiple blind sql injection (pre-auth)

Posted by oststrom (public) on Oct 13

Hash: SHA1

*Preliminary VulnNote*

CVE-2014-2023 – Tapatalk for vbulletin 4.x – multiple blind sql injection
(pre-auth)

============================================================================
========

Overview

——–

date : 10/12/2014

cvss : 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N) base

cwe : 89

vendor : Tapatalk Inc

product : Tapatalk for vBulletin 4.x

versions affected: latest (to…

007 Software