Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbulletin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-2908
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin prior to 3.6.6 allows remote malicious users to inject arbitrary web script or HTML via the title field in a single add action.
Jelsoft Vbulletin
1 EDB exploit
3.5
CVSSv2
CVE-2007-2909
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x prior to 3.6.7 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to the vb_calendar366_xss_fix_plugin.xml update.
Jelsoft Vbulletin
4.3
CVSSv2
CVE-2007-2910
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin prior to 3.6.7 PL1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to the vb_367_xss_fix_plugin.xml update, a related issue to CVE-2007-2909.
Jelsoft Vbulletin
8.5
CVSSv2
CVE-2007-2911
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin prior to 3.6.6 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached After" field (GPC['search']['datelineafter'] variable), a related...
Jelsoft Vbulletin
5
CVSSv2
CVE-2007-2912
Unspecified vulnerability in Jelsoft vBulletin prior to 3.6.6, when unauthenticated User Infraction Permissions is disabled, allows remote malicious users to see the infraction "red flag" for a deleted user.
Jelsoft Vbulletin
6
CVSSv2
CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.4
4.3
CVSSv2
CVE-2007-1342
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the add rss url form.
Jelsoft Vbulletin
7.5
CVSSv2
CVE-2007-1292
SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin prior to 3.5.8, and prior to 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only i...
Jelsoft Vbulletin 3.6.0
Jelsoft Vbulletin 3.6.5
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.1
Jelsoft Vbulletin 3.6.2
Jelsoft Vbulletin 3.6.3
Jelsoft Vbulletin 3.6.4
1 EDB exploit
4.3
CVSSv2
CVE-2007-0869
Cross-site scripting (XSS) vulnerability in the Attachment Manager (admincp/attachment.php) in Jelsoft vBulletin 3.6.4 allows remote malicious users to inject arbitrary web script or HTML via the Extension field. NOTE: this might be a duplicate of CVE-2007-0830.5. NOTE: the prove...
Jelsoft Vbulletin 3.6.4
3.5
CVSSv2
CVE-2007-0830
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manage...
Jelsoft Vbulletin 3.6.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »