SB2014101506 - Multiple vulnerabilities in vBulletin
Published: October 15, 2014 Updated: February 9, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2014-8670)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. <a href = "http://cwe.mitre.org/data/definitions/601.html"> CWE-601: URL Redirection to Untrusted Site ('Open Redirect') </a>
2) SQL injection (CVE-ID: CVE-2014-2022)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data passed via the conceptid argument in an xmlrpc API request. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
Remediation
Install update from vendor's website.
References
- http://packetstormsecurity.com/files/128958/vBulletin-4.2.1-Open-Redirect.html
- http://www.securityfocus.com/bid/70906
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98476
- http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html
- http://seclists.org/fulldisclosure/2014/Oct/56
- http://www.securityfocus.com/bid/70417
- http://www.securitytracker.com/id/1031001
- https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022