Description
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Mustafa Can Bjorn IPEKCI · textwebappsphp
https://www.exploit-db.com/exploits/27725
References (5)
Core 5
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.nukedx.com/?viewdoc=26
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015977
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/801
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17651
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431759/100/0/threaded
Scores
EPSS
0.0053
EPSS Percentile
67.6%
Details
Status
published
Products (1)
mkportal/mkportal
1.1
Published
Apr 27, 2006
Tracked Since
Feb 18, 2026