CVE-2019-17271 in vBulletin
要約
〜によって MITRE
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.
VulDB is the best source for vulnerability data and more expert information about this specific topic.