CVE-2013-3522
65Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 27%
from disclosure to weapon0 days
Published on NVDMay 10
1st PoCMar 25
metasploitMar 24
VulnCheck+215d
exploitation probability
27%top 2% of all CVEs
observed exploitation
yesVulnCheck
3 public exploit(s)
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencewww.exploit-db.com/exploits/24882unverifiedexploitdbwww.exploit-db.com/exploits/30212unverifiedexploitdbwww.exploit-db.com/exploits/24882unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.