Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jelsoft vbulletin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0036
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x prior to 2.3.4 allows remote malicious users to steal sensitive information via the eventid parameter.
Jelsoft Vbulletin 2.3.0
4.3
CVSSv2
CVE-2007-0869
Cross-site scripting (XSS) vulnerability in the Attachment Manager (admincp/attachment.php) in Jelsoft vBulletin 3.6.4 allows remote malicious users to inject arbitrary web script or HTML via the Extension field. NOTE: this might be a duplicate of CVE-2007-0830.5. NOTE: the prove...
Jelsoft Vbulletin 3.6.4
4.3
CVSSv2
CVE-2004-0620
Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote malicious users to inject arbitrary HTML or script as other users via the Edit-panel.
Jelsoft Vbulletin 3.0.1
1 EDB exploit
5.8
CVSSv2
CVE-2007-3326
Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote malicious users to redirect visitors to arbitrary local files via a .. (dot dot) in (1) the loc parameter to admincp/index.php and (2) the Hyperlink information URl field for post Topic in showthread.php...
Jelsoft Vbulletin 3.0.0
4.3
CVSSv2
CVE-2002-1679
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote malicious users to execute arbitrary script as other users by injecting script into a bulletin board message.
Jelsoft Vbulletin 2.2.0
4.3
CVSSv2
CVE-2007-4453
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.8 allow remote malicious users to inject arbitrary web code or HTML via the (1) s parameter to index.php, and the (2) q parameter to (a) faq.php, (b) member.php, (c) memberlist.php, (d) calendar.php, (e) search....
Jelsoft Vbulletin 3.6.8
3.5
CVSSv2
CVE-2007-0830
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manage...
Jelsoft Vbulletin 3.6.4
5
CVSSv2
CVE-2006-2805
SQL injection vulnerability in VBulletin 3.0.10 allows remote malicious users to execute arbitrary SQL commands via the featureid parameter.
Jelsoft Vbulletin 3.0.10
1 EDB exploit
4.3
CVSSv2
CVE-2004-2076
Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote malicious users to inject arbitrary web script or HTML via the query parameter.
Jelsoft Vbulletin 3.0.0 Rc4
1 EDB exploit
6.8
CVSSv2
CVE-2003-0295
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote malicious users to inject arbitrary web script and HTML via the "Preview Message" capability.
Jelsoft Vbulletin 3.0.0 Beta 2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »