Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jelsoft vbulletin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2910
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin prior to 3.6.7 PL1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to the vb_367_xss_fix_plugin.xml update, a related issue to CVE-2007-2909.
Jelsoft Vbulletin
NA
CVE-2007-2911
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin prior to 3.6.6 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached After" field (GPC['search']['datelineafter'] variable), a related...
Jelsoft Vbulletin
NA
CVE-2002-1660
calendar.php in vBulletin prior to 2.2.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the command parameter.
Jelsoft Vbulletin
1 EDB exploit
NA
CVE-2001-0475
index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote malicious users to execute arbitrary PHP code via special characters in the templatecache parameter.
Jelsoft Vbulletin
NA
CVE-2007-1342
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the add rss url form.
Jelsoft Vbulletin
NA
CVE-2004-0091
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote malicious users to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has...
Jelsoft Vbulletin 3.0 Beta 2
NA
CVE-2002-1679
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote malicious users to execute arbitrary script as other users by injecting script into a bulletin board message.
Jelsoft Vbulletin 2.2.0
NA
CVE-2006-0080
Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or HTML via the title of an event, which is not properly filtered by (1) calendar.php and (2) reminder.php.
Jelsoft Vbulletin 3.5.2
NA
CVE-2007-3326
Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote malicious users to redirect visitors to arbitrary local files via a .. (dot dot) in (1) the loc parameter to admincp/index.php and (2) the Hyperlink information URl field for post Topic in showthread.php...
Jelsoft Vbulletin 3.0.0
NA
CVE-2006-2805
SQL injection vulnerability in VBulletin 3.0.10 allows remote malicious users to execute arbitrary SQL commands via the featureid parameter.
Jelsoft Vbulletin 3.0.10
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »