CVE-2005-3019: SQL Injection
First published: Wed Sep 21 2005(Updated: )
Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute arbitrary SQL commands via the (1) request parameter to joinrequests.php, (2) limitnumber or (3) limitstart to user.php, (4) usertitle.php, or (5) usertools.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jelsoft vBulletin | =2.2.0 | |
| Jelsoft vBulletin | =2.0_rc2 | |
| Jelsoft vBulletin | =3.0.4 | |
| Jelsoft vBulletin | =3.0_beta_6 | |
| Jelsoft vBulletin | =2.3.0 | |
| Jelsoft vBulletin | =2.3.2 | |
| Jelsoft vBulletin | =3.0.1 | |
| Jelsoft vBulletin | =2.0_rc3 | |
| Jelsoft vBulletin | =3.0.6 | |
| Jelsoft vBulletin | =2.2.1 | |
| Jelsoft vBulletin | =2.2.7 | |
| Jelsoft vBulletin | =2.0.3 | |
| Jelsoft vBulletin | =3.0_beta_7 | |
| Jelsoft vBulletin | =3.0_beta_3 | |
| Jelsoft vBulletin | =2.2.4 | |
| Jelsoft vBulletin | =3.0_beta_2 | |
| Jelsoft vBulletin | =2.2.2 | |
| Jelsoft vBulletin | =2.2.5 | |
| Jelsoft vBulletin | =2.2.6 | |
| Jelsoft vBulletin | =3.0.2 | |
| Jelsoft vBulletin | =3.0_gamma | |
| Jelsoft vBulletin | =2.2.9 | |
| Jelsoft vBulletin | =3.0.7 | |
| Jelsoft vBulletin | =3.0.8 | |
| Jelsoft vBulletin | =3.0_beta_4 | |
| Jelsoft vBulletin | =3.0.3 | |
| Jelsoft vBulletin | =1.0.1 | |
| Jelsoft vBulletin | =3.0.5 | |
| Jelsoft vBulletin | =2.2.8 | |
| Jelsoft vBulletin | =2.3.4 | |
| Jelsoft vBulletin | =2.2.3 | |
| Jelsoft vBulletin | =3.0 | |
| Jelsoft vBulletin | =3.0_beta_5 | |
| Jelsoft vBulletin | =2.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/author
- agent/description
- agent/type
- agent/references
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jelsoft
- canonical/jelsoft vbulletin
- version/jelsoft vbulletin/2.2.0
- version/jelsoft vbulletin/2.0_rc2
- version/jelsoft vbulletin/3.0.4
- version/jelsoft vbulletin/3.0_beta_6
- version/jelsoft vbulletin/2.3.0
- version/jelsoft vbulletin/2.3.2
- version/jelsoft vbulletin/3.0.1
- version/jelsoft vbulletin/2.0_rc3
- version/jelsoft vbulletin/3.0.6
- version/jelsoft vbulletin/2.2.1
- version/jelsoft vbulletin/2.2.7
- version/jelsoft vbulletin/2.0.3
- version/jelsoft vbulletin/3.0_beta_7
- version/jelsoft vbulletin/3.0_beta_3
- version/jelsoft vbulletin/2.2.4
- version/jelsoft vbulletin/3.0_beta_2
- version/jelsoft vbulletin/2.2.2
- version/jelsoft vbulletin/2.2.5
- version/jelsoft vbulletin/2.2.6
- version/jelsoft vbulletin/3.0.2
- version/jelsoft vbulletin/3.0_gamma
- version/jelsoft vbulletin/2.2.9
- version/jelsoft vbulletin/3.0.7
- version/jelsoft vbulletin/3.0.8
- version/jelsoft vbulletin/3.0_beta_4
- version/jelsoft vbulletin/3.0.3
- version/jelsoft vbulletin/1.0.1
- version/jelsoft vbulletin/3.0.5
- version/jelsoft vbulletin/2.2.8
- version/jelsoft vbulletin/2.3.4
- version/jelsoft vbulletin/2.2.3
- version/jelsoft vbulletin/3.0
- version/jelsoft vbulletin/3.0_beta_5
- version/jelsoft vbulletin/2.3.3