Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbulletin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-6667
Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte Technologies vBShout module for vBulletin allows remote malicious users to inject arbitrary web script or HTML via the shout parameter in a shout action.
Dragonbyte-tech Vbshout
1 EDB exploit
7.5
CVSSv2
CVE-2017-17672
In vBulletin up to and including 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplat...
Vbulletin Vbulletin
Vbulletin Vbulletin 5.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-17671
vBulletin up to and including 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ t...
Vbulletin Vbulletin 5.0.0
Vbulletin Vbulletin
7.5
CVSSv2
CVE-2014-2023
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and previous versions and 5.x up to and including 5.2.1 for vBulletin allow remote malicious users to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscrib...
Tapatalk Tapatalk 5.1.2
Tapatalk Tapatalk 5.1.3
Tapatalk Tapatalk 5.2.0
Tapatalk Tapatalk 5.2.1
Tapatalk Tapatalk 3.9.2
Tapatalk Tapatalk 3.9.3
Tapatalk Tapatalk 4.0.0
Tapatalk Tapatalk 4.1.0
Tapatalk Tapatalk 1.2.3
Tapatalk Tapatalk 1.2.6
Tapatalk Tapatalk 2.0
Tapatalk Tapatalk 1.0.0
Tapatalk Tapatalk 1.0.1
Tapatalk Tapatalk 4.9.0
Tapatalk Tapatalk 4.8.1
Tapatalk Tapatalk 4.3.1
Tapatalk Tapatalk 4.5.0
Tapatalk Tapatalk 4.5.1
Tapatalk Tapatalk 4.6.0
Tapatalk Tapatalk 3.9.0
Tapatalk Tapatalk 3.9.1
Tapatalk Tapatalk 3.1.2
1 EDB exploit
4
CVSSv2
CVE-2015-3419
vBulletin 5.x up to and including 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure.
Vbulletin Vbulletin 5.0.1
Vbulletin Vbulletin 5.0.2
Vbulletin Vbulletin 5.0.3
Vbulletin Vbulletin 5.0.4
Vbulletin Vbulletin 5.1.6
Vbulletin Vbulletin 5.1.3
Vbulletin Vbulletin 5.0.0
Vbulletin Vbulletin 5.0.5
Vbulletin Vbulletin 5.1.0
Vbulletin Vbulletin 5.1.5
Vbulletin Vbulletin 5.1.4
Vbulletin Vbulletin 5.1.2
Vbulletin Vbulletin 5.1.1
9
CVSSv2
CVE-2014-9463
functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.
Vbseo Vbseo -
1 EDB exploit
4.3
CVSSv2
CVE-2014-9469
Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3.
Vbulletin Vbulletin 3.8.7
Vbulletin Vbulletin 4.2.2
Vbulletin Vbulletin 5.0.5
Vbulletin Vbulletin 5.1.3
Vbulletin Vbulletin 3.6
Vbulletin Vbulletin 3.5.4
Vbulletin Vbulletin 3.6.7
5
CVSSv2
CVE-2017-7569
In vBulletin prior to 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.
Vbulletin Vbulletin
5
CVSSv2
CVE-2016-6483
The media-file upload feature in vBulletin prior to 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x prior to 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x prior to 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Leve...
Vbulletin Vbulletin 4.2.3
Vbulletin Vbulletin 3.8.8
Vbulletin Vbulletin 5.2.2
Vbulletin Vbulletin 4.2.2
Vbulletin Vbulletin 3.8.9
Vbulletin Vbulletin 3.8.7
Vbulletin Vbulletin 5.2.0
Vbulletin Vbulletin 5.2.1
1 EDB exploit
1 Article
7.5
CVSSv2
CVE-2016-6195
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin prior to 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote malicious users to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wi...
Vbulletin Vbulletin 4.2.3
Vbulletin Vbulletin
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »