CVE-2013-3522 Information

Description

SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11 5.0.0 Beta 28 and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.

Reference

http://www.exploit-db.com/exploits/24882 http://www.osvdb.org/92031