Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jelsoft vbulletin vulnerabilities and exploits
(subscribe to this query)
510
VMScore
CVE-2005-0429
Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 up to and including 3.0.4, when showforumusers is enabled, allows remote malicious users to execute inject arbitrary PHP commands via the comma parameter.
Jelsoft Vbulletin 3.0
Jelsoft Vbulletin 3.0.1
Jelsoft Vbulletin 3.0.2
Jelsoft Vbulletin 3.0.3
Jelsoft Vbulletin 3.0.4
2 EDB exploits
685
VMScore
CVE-2006-6040
Multiple cross-site scripting (XSS) vulnerabilities in admincp/index.php in Jelsoft vBulletin 3.6.x allow remote malicious users to inject arbitrary web script or HTML via (1) the prefs parameter in a buildnavprefs action or (2) the navprefs parameter in a savenavprefs action.
Jelsoft Vbulletin 3.6.0
Jelsoft Vbulletin 3.6.1
Jelsoft Vbulletin 3.6.2
Jelsoft Vbulletin 3.6.3
1 EDB exploit
445
VMScore
CVE-2006-1816
PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote malicious users to execute arbitrary code via a URL in the systempath parameter to (1) ImpExModule.php, (2) ImpExController.php, and (3) ImpExDisplay.php.
Jelsoft Vbulletin 3.5.2
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.5.1
534
VMScore
CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.4
435
VMScore
CVE-2006-1040
Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote malicious users to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.
Jelsoft Vbulletin 3.0.12
Jelsoft Vbulletin 3.5.3
1 EDB exploit
440
VMScore
CVE-2004-1823
Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 up to and including 3.0 can4 allows remote malicious users to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php.
Jelsoft Vbulletin 3.0.0
Jelsoft Vbulletin 3.0.0 Can4
2 EDB exploits
685
VMScore
CVE-2006-4273
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote malicious users to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explore...
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.6.0
1 EDB exploit
383
VMScore
CVE-2007-1342
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the add rss url form.
Jelsoft Vbulletin
755
VMScore
CVE-2002-1660
calendar.php in vBulletin prior to 2.2.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the command parameter.
Jelsoft Vbulletin
1 EDB exploit
312
VMScore
CVE-2007-2909
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x prior to 3.6.7 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to the vb_calendar366_xss_fix_plugin.xml update.
Jelsoft Vbulletin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »