CVE-2006-5104

Jelsoft vBulletin 2.x - SQL Injection

Title source: llm

Description

SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote attackers to execute arbitrary SQL commands via the templatesused parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by HACKERS PAL · textwebappsphp

https://www.exploit-db.com/exploits/28694

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/20214

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/29174

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/447010/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/1661

Scores

EPSS 0.0034

EPSS Percentile 56.4%

Classification

Status draft

Affected Products (5)

jelsoft/vbulletin

Timeline

Published Oct 03, 2006

Tracked Since Feb 18, 2026