← back
CVE-2013-3522observed exploitation

CVE-2013-3522

65Vexday Risk Score

Patch now. It exploitation observed by VulnCheck and has a working public exploit.

ssvc Actepss 27%
from disclosure to weapon0 days
Published on NVDMay 10
1st PoCMar 25
metasploitMar 24
VulnCheck+215d
exploitation probability
27%top 2% of all CVEs
observed exploitation
yesVulnCheck
3 public exploit(s)
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.