Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbulletin vbulletin 3.6.5 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1292
SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin prior to 3.5.8, and prior to 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only i...
Jelsoft Vbulletin 3.6.0
Jelsoft Vbulletin 3.6.5
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.1
Jelsoft Vbulletin 3.6.2
Jelsoft Vbulletin 3.6.3
Jelsoft Vbulletin 3.6.4
1 EDB exploit
435
VMScore
CVE-2008-3184
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and previous versions, and 3.7.2 and previous versions 3.7.x versions, allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO (PHP_SELF) or (2) the do parameter, as demo...
Vbulletin Vbulletin 3.6.3
Vbulletin Vbulletin 3.6.4
Vbulletin Vbulletin 3.7.1
Vbulletin Vbulletin 3.6.1
Vbulletin Vbulletin 3.6.10
Vbulletin Vbulletin 3.6.7
Vbulletin Vbulletin 3.6.8
Vbulletin Vbulletin 3.6.2
Vbulletin Vbulletin 3.6.9
Vbulletin Vbulletin 3.7.0
Vbulletin Vbulletin 3.6
Vbulletin Vbulletin 3.6.5
Vbulletin Vbulletin 3.6.6
Vbulletin Vbulletin 3.7.2
1 EDB exploit
828
VMScore
CVE-2007-4120
Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) spec...
Jelsoft Vbulletin 3.6.5
534
VMScore
CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
Jelsoft Vbulletin
Jelsoft Vbulletin 3.6.4
383
VMScore
CVE-2007-1342
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the add rss url form.
Jelsoft Vbulletin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started