Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbulletin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-1816
PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote malicious users to execute arbitrary code via a URL in the systempath parameter to (1) ImpExModule.php, (2) ImpExController.php, and (3) ImpExDisplay.php.
Jelsoft Vbulletin 3.5.2
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.5.1
4.3
CVSSv2
CVE-2014-3135
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO to privatemessage/new/, (2) the folderid parameter to a private message in privatemessage/view, (3) a fragment ...
Vbulletin Vbulletin 5.1.1
7.5
CVSSv2
CVE-2008-2460
SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote malicious users to execute arbitrary SQL commands via the q parameter in a search action.
Vbulletin Vbulletin 3.7.0
7.5
CVSSv2
CVE-2012-4686
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote malicious users to execute arbitrary SQL commands via the announcementid parameter.
Vbulletin Vbulletin 4.1.10
1 EDB exploit
5.8
CVSSv2
CVE-2014-8670
Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Vbulletin Vbulletin 4.2.1
3.5
CVSSv2
CVE-2020-25116
The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager.
Vbulletin Vbulletin 5.6.3
3.5
CVSSv2
CVE-2020-25117
The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager.
Vbulletin Vbulletin 5.6.3
3.5
CVSSv2
CVE-2020-25118
The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager.
Vbulletin Vbulletin 5.6.3
3.5
CVSSv2
CVE-2020-25121
The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options.
Vbulletin Vbulletin 5.6.3
3.5
CVSSv2
CVE-2020-25123
The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager.
Vbulletin Vbulletin 5.6.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »