• Register
    • Help

    striker  0 Items
    Currently Supporting
    • Home
    • News
    • Forum
    • Wiki
    • Support
    • What's New?
    • Buy Now
    • Manual
      • Install/Upgrade
      • Admin Manual
      • User Manual
      • Style/Phrase Changes
      • Changelog
      • Security Issues
    • 
    • Wiki
    • Book
    • Documentation
    • VWE-2017-4287

    1. Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

      VaultWiki allows your existing forum users to collaborate on creating and managing a site's content pages. VaultWiki is a fully-featured and fully-supported wiki solution for vBulletin and XenForo.

      The VaultWiki Team encourages you to join our community of forum administrators and check out VaultWiki for yourself.

    • Category
    • View
      • List of Sub-Categories in This Category
      • List of Pages in This Category
    • English (US)

    VWE-2017-4287

    This page is a chapter in Info Known Vulnerabilities
    Common NameNone
    VWE-IDVWE-2017-4287
    Related ReportNone
    SeverityHIGH
    Exploit DifficultyNORMAL
    PlatformAffects all platforms supported by the vulnerable versions.
    DescriptionDenial of Service. Due to a flaw in the integration system, users with certain permissions may be able to replace certain forum nodes with fatal errors. Does not affect Lite versions.
    DiscoveredNovember 19, 2017
    ResolvedDecember 1, 2017
    Patches Available4.0.20 Patch Level 1
    4.0.19 Patch Level 4
    4.0.18 Patch Level 5
    4.0.17 Patch Level 7
    4.0.16 Patch Level 8
    4.0.15 Patch Level 12
    WorkaroundIn the Wiki Admin Panel, go to Content > Integration, and delete all forum integrations (disabling will not work).
    The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

    Notes

    The patch will not correct existing fatal errors; this would require a full upgrade when the next version is released. For forums that were already replaced with fatal errors, run the following MySQL query (replacing "AFFECTED_FORUM_ID" with the appropriate number):
    Code:
    DELETE vw_integrate
    FROM vw_integrate AS vw_integrate
    LEFT JOIN vw_nodetype AS vw_nodetype ON (vw_nodetype.id = vw_integrate.itemtypeid)
    WHERE vw_nodetype.accesskey = 'Page'
    AND vw_integrate.nodeid = AFFECTED_FORUM_ID
    Info Known Vulnerabilities
    VWE-2017-4282 
    VWE-2017-4317 

    This page has been seen 429,416 times.

      • Created by
        pegasus
        • View Public Profile
        • Show contributions to this page
        • Send a private message to pegasus
        • Visit pegasus's homepage!
        on December 2, 2017
        Last updated by
        pegasus
        • View Public Profile
        • Show contributions to this page
        • Send a private message to pegasus
        • Visit pegasus's homepage!
        on April 8, 2018

    Sub-Categories of VWE-2017-4287

    1. #

      1. XSS 4.0.0 Alpha 1

      2. XSS 4.0.0 Alpha 2

      3. XSS 4.0.0 Alpha 3

      4. XSS 4.0.0 Alpha 4

      5. XSS 4.0.0 Alpha 5

      6. XSS 4.0.0 Alpha 6

      7. XSS 4.0.0 Alpha 7

      8. XSS 4.0.0 Beta 1

      9. XSS 4.0.0 Beta 2

      10. XSS 4.0.0 Beta 3

      11. XSS 4.0.0 Beta 4

      12. XSS 4.0.0 Beta 5

      13. XSS 4.0.0 Beta 6

      14. XSS 4.0.0 Beta 7

      15. XSS 4.0.0 Gamma 1

      16. XSS 4.0.0 Gamma 2

      17. XSS 4.0.0 Gamma 3

      18. XSS 4.0.0 Gamma 4

      19. XSS 4.0.0 Gamma 5

      20. XSS 4.0.0 Gamma 6

      21. XSS 4.0.0 Gamma 7

      22. XSS 4.0.0 Patch Level 1

      23. XSS 4.0.0 Patch Level 2

      24. XSS 4.0.0 Patch Level 3

      25. XSS 4.0.0 Patch Level 4

      26. XSS 4.0.0 Patch Level 5

      27. XSS 4.0.0 Patch Level 6

      28. XSS 4.0.0 Patch Level 7

      29. XSS 4.0.0 Patch Level 8

      30. XSS 4.0.0 Patch Level 9

      31. XSS 4.0.0 RC 1 Patch Level 1

      32. XSS 4.0.0 RC 1 Patch Level 2

      33. XSS 4.0.0 RC 1 Patch Level 3

      34. XSS 4.0.0 RC 1 Patch Level 4

    2. # (cont.)

      1. XSS 4.0.0 RC 1 Patch Level 5

      2. XSS 4.0.0 RC 1 Patch Level 6

      3. XSS 4.0.0 RC 1 Patch Level 7

      4. XSS 4.0.0 RC 1

      5. XSS 4.0.0 RC 2 Patch Level 1

      6. XSS 4.0.0 RC 2 Patch Level 2

      7. XSS 4.0.0 RC 2 Patch Level 3

      8. XSS 4.0.0 RC 2 Patch Level 4

      9. XSS 4.0.0 RC 2 Patch Level 5

      10. XSS 4.0.0 RC 2 Patch Level 6

      11. XSS 4.0.0 RC 2 Patch Level 7

      12. XSS 4.0.0 RC 2

      13. XSS 4.0.0 RC 3 Patch Level 1

      14. XSS 4.0.0 RC 3 Patch Level 2

      15. XSS 4.0.0 RC 3 Patch Level 3

      16. XSS 4.0.0 RC 3 Patch Level 4

      17. XSS 4.0.0 RC 3 Patch Level 5

      18. XSS 4.0.0 RC 3 Patch Level 6

      19. XSS 4.0.0 RC 3 Patch Level 7

      20. XSS 4.0.0 RC 3

      21. XSS 4.0.0 RC 4 Patch Level 1

      22. XSS 4.0.0 RC 4 Patch Level 2

      23. XSS 4.0.0 RC 4 Patch Level 3

      24. XSS 4.0.0 RC 4 Patch Level 4

      25. XSS 4.0.0 RC 4 Patch Level 5

      26. XSS 4.0.0 RC 4 Patch Level 6

      27. XSS 4.0.0 RC 4 Patch Level 7

      28. XSS 4.0.0 RC 4 Patch Level 8

      29. XSS 4.0.0 RC 4

      30. XSS 4.0.0 RC 5 Patch Level 1

      31. XSS 4.0.0 RC 5 Patch Level 2

      32. XSS 4.0.0 RC 5 Patch Level 3

      33. XSS 4.0.0 RC 5 Patch Level 4

      34. XSS 4.0.0 RC 5 Patch Level 5

    3. # (cont.)

      1. XSS 4.0.0 RC 5 Patch Level 6

      2. XSS 4.0.0 RC 5 Patch Level 7

      3. XSS 4.0.0 RC 5 Patch Level 8

      4. XSS 4.0.0 RC 5

      5. XSS 4.0.0

      6. XSS 4.0.1 Patch Level 10

      7. XSS 4.0.1 Patch Level 11

      8. XSS 4.0.1 Patch Level 1

      9. XSS 4.0.1 Patch Level 2

      10. XSS 4.0.1 Patch Level 3

      11. XSS 4.0.1 Patch Level 4

      12. XSS 4.0.1 Patch Level 5

      13. XSS 4.0.1 Patch Level 6

      14. XSS 4.0.1 Patch Level 7

      15. XSS 4.0.1 Patch Level 8

      16. XSS 4.0.1 Patch Level 9

      17. XSS 4.0.10 Patch Level 10

      18. XSS 4.0.10 Patch Level 11

      19. XSS 4.0.10 Patch Level 1

      20. XSS 4.0.10 Patch Level 2

      21. XSS 4.0.10 Patch Level 3

      22. XSS 4.0.10 Patch Level 4

      23. XSS 4.0.10 Patch Level 5

      24. XSS 4.0.10 Patch Level 6

      25. XSS 4.0.10 Patch Level 7

      26. XSS 4.0.10 Patch Level 8

      27. XSS 4.0.10 Patch Level 9

      28. XSS 4.0.10

      29. XSS 4.0.11 Patch Level 10

      30. XSS 4.0.11 Patch Level 11

      31. XSS 4.0.11 Patch Level 1

      32. XSS 4.0.11 Patch Level 2

    View All Pages

    Users Browsing This Page (0 members, 1 guests)

    Search the Wiki

    Show results of these types:

    Share This Page

    Click a button below to activate it. Click again to share. Privacy Information Keep in mind that simply activating a button will reveal some of your browsing data with the selected third-party service in accordance with their own Terms of Service and/or Privacy Policy.
    Like0
    Link here from this web site
    Link here from the web
    Submit to Digg Digg
    Submit to del.icio.us del.icio.us
    Submit to StumbleUpon StumbleUpon
    Submit to Google Google

    Recent Activity

    Show results from
    Filters

    Info Known Vulnerabilities

    Book Table of Contents
    • 34VWE-2011-0148
    • 35VWE-2013-0228-1
    • 36VWE-2012-0205
    • 37VWE-2013-0228-2
    • 38VWE-2013-0228-3
    • 39VWE-2013-0228-4
    • 40VWE-2013-0010
    • 41VWE-2013-0012
    • 42VWE-2013-0038
    • 43VWE-2013-0039
    • 44VWE-2014-0070
    • 45VWE-2014-0086
    • 46VWE-2014-0112
    • 47VWE-2014-0232
    • 48VWE-2014-0338
    • 49VWE-2014-0383
    • 50VWE-2015-0843
    • 51VWE-2015-0870
    • 52VWE-2015-0896
    • 53VWE-2015-0908
    • 54VWE-2015-0973
    • 55VWE-2015-0974
    • 56VWE-2015-1005
    • 57VWE-2015-1012
    • 58VWE-2015-1014
    • 59VWE-2015-1015
    • 60VWE-2015-1024
    • 61VWE-2015-1032
    • 62VWE-2015-1040
    • 63VWE-2015-1112
    • 64VWE-2015-1166
    • 65VWE-2015-1178
    • 66VWE-2015-1601
    • 67VWE-2015-1618
    • 68VWE-2015-1636
    • 69VWE-2015-1766
    • 70VWE-2015-1778
    • 71VWE-2015-1812
    • 72VWE-2015-1840
    • 73VWE-2016-2034
    • 74VWE-2016-2039
    • 75VWE-2016-2072
    • 76VWE-2016-2047
    • 77VWE-2016-2064
    • 78VWE-2016-2081
    • 79VWE-2016-2370
    • 80VWE-2016-2706
    • 81VWE-2016-2738
    • 82VWE-2016-2889
    • 83VWE-2016-2890
    • 84VWE-2016-2905
    • 85VWE-2016-2906
    • 86VWE-2016-3063
    • 87VWE-2016-3080
    • 88VWE-2016-3087
    • 89VWE-2016-3104
    • 90VWE-2016-3112
    • 91VWE-2016-3120
    • 92VWE-2016-3128
    • 93VWE-2017-3388
    • 94VWE-2017-3396
    • 95VWE-2017-3407
    • 96VWE-2017-3415
    • 97VWE-2017-3428
    • 98VWE-2017-3436
    • 99VWE-2017-3437
    • 100VWE-2017-3445
    • 101VWE-2017-3677
    • 102VWE-2017-3679
    • 103VWE-2017-3682
    • 104VWE-2017-3683
    • 105VWE-2017-3684
    • 106VWE-2017-3686
    • 107VWE-2017-3687
    • 108VWE-2017-3733
    • 109VWE-2017-3734
    • 110VWE-2017-3857
    • 111VWE-2017-3858
    • 112VWE-2017-3978
    • 113VWE-2017-3979
    • 114VWE-2017-3981
    • 115VWE-2017-3992
    • 116VWE-2017-3999
    • 117VWE-2017-4004
    • 118VWE-2017-4012
    • 119VWE-2017-4030
    • 120VWE-2017-4031
    • 121VWE-2017-4032
    • 122VWE-2017-4033
    • 123VWE-2017-4073
    • 124VWE-2017-4075
    • 125VWE-2017-4131
    • 126VWE-2017-4138
    • 127VWE-2017-4152
    • 128VWE-2017-4153
    • 129VWE-2017-4265
    • 130VWE-2017-4266
    • 131VWE-2017-4267
    • 132VWE-2017-4275
    • 133VWE-2017-4282
    • 134VWE-2017-4287
    • 135VWE-2017-4317
    • 136VWE-2017-4318
    • 137VWE-2017-4319
    • 138VWE-2017-4320
    • 139VWE-2017-4325
    • 140VWE-2017-4326
    • 141VWE-2018-4336
    • 142VWE-2018-4337
    • 143VWE-2018-4345
    • 144VWE-2018-4346
    • 145VWE-2018-4347
    • 146VWE-2018-4348
    • 147VWE-2018-4350
    • 148VWE-2018-4352
    • 149VWE-2018-4356
    • 150VWE-2018-4394
    • 151VWE-2018-4471
    • 152VWE-2018-4485
    • 153VWE-2018-4535
    • 154VWE-2018-4536
    • 155VWE-2018-4573
    • 156VWE-2018-4574
    • 157VWE-2018-4610
    • 158VWE-2018-4614
    • 159VWE-2018-4618
    • 160VWE-2018-4620
    • 161VWE-2018-4625
    • 162VWE-2018-4626
    • 163VWE-2018-4627
    • 164VWE-2018-4630
    • 165VWE-2018-4631
    • 166VWE-2018-4632
    • 167VWE-2018-4662
    • 168VWE-2018-4666
    • 169VWE-2018-4667
    • 170VWE-2018-4670
    • 171VWE-2018-4671
    • 172VWE-2018-4673
    • 173VWE-2018-4972
    • 174VWE-2019-5016
    • 175VWE-2019-5150
    • 176VWE-2019-5151
    • 177VWE-2019-5157
    • 178VWE-2019-5159
    • 179VWE-2019-5160
    • 180VWE-2019-5161
    • 181VWE-2019-5162
    • 182VWE-2019-5163
    • 183VWE-2019-5171
    • 184VWE-2019-5172
    • 185VWE-2019-5181
    • 186VWE-2019-5188
    • 187VWE-2019-5189
    • 188VWE-2019-5193
    • 189VWE-2019-5241
    • 190VWE-2019-5244
    • 191VWE-2019-5261
    • 192VWE-2019-5266
    • 193VWE-2019-5268
    • 194VWE-2019-5275
    • 195VWE-2019-5280
    • 196VWE-2019-5360
    • 197VWE-2019-5361
    • 198VWE-2019-5363
    • 199VWE-2019-5375
    • 200VWE-2019-5391
    • 201VWE-2019-5416
    • 202VWE-2019-5425
    • 203VWE-2019-5452
    • 204VWE-2019-5453
    • 205VWE-2019-5463
    • 206VWE-2020-5454
    • 207VWE-2020-5468
    • 208VWE-2020-5603
    • 209VWE-2020-5604
    • 210VWE-2020-5622
    • 211VWE-2020-5623
    • 212VWE-2020-5631
    • 213VWE-2020-5636
    • 214VWE-2020-5643
    • 215VWE-2020-5645
    • 216VWE-2020-5727
    • 217VWE-2020-5774
    • 218VWE-2020-5782
    • 219VWE-2020-5788
    • 220VWE-2020-5789
    • 221VWE-2020-5794
    • 222VWE-2020-5795
    • 223VWE-2020-5804
    • 224VWE-2020-5805
    • 225VWE-2020-5857
    • 226VWE-2020-5862
    • 227VWE-2020-5875
    • 228VWE-2020-5917
    • 229VWE-2020-5928
    • 230VWE-2020-5930
    • 231VWE-2020-5937
    • 232VWE-2020-5943
    • 233VWE-2020-5948

    Legend

    • Category with listings
    Color code
    • Content has new updates
    • Content has no updates
    • Contact Us
    • License Agreement
    • Privacy
    • Terms
    • Top
    All times are GMT -4. The time now is 6:42 AM.
    This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Learn more… Accept Remind me later
  • striker
    Powered by vBulletin® Version 4.2.5 Beta 2
    Copyright © 2025 vBulletin Solutions Inc. All rights reserved.
    Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
    Copyright © 2008 - 2024 VaultWiki Team, Cracked Egg Studios, LLC.
    "Wiki" powered by VaultWiki v4.1.9.