CVE-2014-2023

Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tapatalk:tapatalk:1.0.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.0.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.0.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.1.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.1.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.1.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.2.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.2.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.2.3:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:1.2.6:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:2.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.1.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.1.3:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.1.4:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.1.5:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.2.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.9.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.9.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.9.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:3.9.3:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.0.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.1.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.2.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.2.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.3.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.3.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.4.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.5.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.5.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.5.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.6.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.7.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.7.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.7.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.8.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.8.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:4.9.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.0.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.0.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.1.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.1.1:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.1.2:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.1.3:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.2.0:*:*:*:*:vbulletin:*:*
cpe:2.3:a:tapatalk:tapatalk:5.2.1:*:*:*:*:vbulletin:*:*

History

No history.

Information

Published : 2017-10-26 20:29

Updated : 2024-02-28 16:04


NVD link : CVE-2014-2023

Mitre link : CVE-2014-2023

CVE.ORG link : CVE-2014-2023


JSON object : View

Products Affected

tapatalk

  • tapatalk
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')