CVE-2014-2023
26.10.2017, 20:29
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| tapatalk | tapatalk | 1.0.0 |
| tapatalk | tapatalk | 1.0.1 |
| tapatalk | tapatalk | 1.0.2 |
| tapatalk | tapatalk | 1.1.0 |
| tapatalk | tapatalk | 1.1.1 |
| tapatalk | tapatalk | 1.1.2 |
| tapatalk | tapatalk | 1.2.0 |
| tapatalk | tapatalk | 1.2.1 |
| tapatalk | tapatalk | 1.2.3 |
| tapatalk | tapatalk | 1.2.6 |
| tapatalk | tapatalk | 2.0 |
| tapatalk | tapatalk | 3.1.2 |
| tapatalk | tapatalk | 3.1.3 |
| tapatalk | tapatalk | 3.1.4 |
| tapatalk | tapatalk | 3.1.5 |
| tapatalk | tapatalk | 3.2.0 |
| tapatalk | tapatalk | 3.9.0 |
| tapatalk | tapatalk | 3.9.1 |
| tapatalk | tapatalk | 3.9.2 |
| tapatalk | tapatalk | 3.9.3 |
| tapatalk | tapatalk | 4.0.0 |
| tapatalk | tapatalk | 4.1.0 |
| tapatalk | tapatalk | 4.2.0 |
| tapatalk | tapatalk | 4.2.1 |
| tapatalk | tapatalk | 4.3.0 |
| tapatalk | tapatalk | 4.3.1 |
| tapatalk | tapatalk | 4.4.0 |
| tapatalk | tapatalk | 4.5.0 |
| tapatalk | tapatalk | 4.5.1 |
| tapatalk | tapatalk | 4.5.2 |
| tapatalk | tapatalk | 4.6.0 |
| tapatalk | tapatalk | 4.7.0 |
| tapatalk | tapatalk | 4.7.1 |
| tapatalk | tapatalk | 4.7.2 |
| tapatalk | tapatalk | 4.8.0 |
| tapatalk | tapatalk | 4.8.1 |
| tapatalk | tapatalk | 4.9.0 |
| tapatalk | tapatalk | 5.0.0 |
| tapatalk | tapatalk | 5.0.1 |
| tapatalk | tapatalk | 5.1.0 |
| tapatalk | tapatalk | 5.1.1 |
| tapatalk | tapatalk | 5.1.2 |
| tapatalk | tapatalk | 5.1.3 |
| tapatalk | tapatalk | 5.2.0 |
| tapatalk | tapatalk | 5.2.1 |
𝑥
= Vulnerable software versions
References