SQL Injection Vulnerability in vBulletin 4.2.2 and Earlier Versions
CVE-2014-2022 · HIGH Severity
AV:N/AC:H/AU:S/C:C/I:C/A:C
SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.
Learn more about our Api Penetration Testing.