Full title: vBGarage Pro vBulletin Mod - SQL Injection 
Category: web applications
Platform: php
vBGarage Pro search parameter "model_year" is unsanitzed, which can lead to an SQL Injection.

# 0day.today @ http://0day.today/