Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbulletin vbulletin 3.6.5 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1292
SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin prior to 3.5.8, and prior to 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only i...
Jelsoft Vbulletin 3.6.0
Jelsoft Vbulletin 3.6.5
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.1
Jelsoft Vbulletin 3.6.2
Jelsoft Vbulletin 3.6.3
Jelsoft Vbulletin 3.6.4
1 EDB exploit
4.3
CVSSv2
CVE-2008-3184
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and previous versions, and 3.7.2 and previous versions 3.7.x versions, allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO (PHP_SELF) or (2) the do parameter, as demo...
Vbulletin Vbulletin 3.6.3
Vbulletin Vbulletin 3.6.4
Vbulletin Vbulletin 3.7.1
Vbulletin Vbulletin 3.6.1
Vbulletin Vbulletin 3.6.10
Vbulletin Vbulletin 3.6.7
Vbulletin Vbulletin 3.6.8
Vbulletin Vbulletin 3.6.2
Vbulletin Vbulletin 3.6.9
Vbulletin Vbulletin 3.7.0
Vbulletin Vbulletin 3.6
Vbulletin Vbulletin 3.6.5
Vbulletin Vbulletin 3.6.6
Vbulletin Vbulletin 3.7.2
1 EDB exploit
9.3
CVSSv2
CVE-2007-4120
Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) spec...
Jelsoft Vbulletin 3.6.5
6
CVSSv2
CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.4
4.3
CVSSv2
CVE-2007-1342
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the add rss url form.
Jelsoft Vbulletin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started