Vbulletin · Vbulletin Forum · CVE-2004-0036
**Name of the Vulnerable Software and Affected Versions**
vBulletin Forum versions 2.3.x through 2.3.3
**Description**
The issue allows remote attackers to steal sensitive information. It involves a SQL injection vulnerability in the calendar.php file, specifically via the `eventid` parameter.
**Recommendations**
For vBulletin Forum versions 2.3.x through 2.3.3, update to version 2.3.4 to resolve the issue.