Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 up to and including 3.0 can4 allows remote malicious users to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jelsoft vbulletin 3.0.0
jelsoft vbulletin 3.0.0_can4

source: wwwsecurityfocuscom/bid/9888/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'forumdisplayphp' script This issue is reportedly due to a failure to sanitize user input and so allow for injection of HTML and script code that may facilitate cross-site scripting attacks Successful ...

source: wwwsecurityfocuscom/bid/9889/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'showthreadphp' script This issue is reportedly due to a failure to sanitize user input and so allow for injection of HTML and script code that may facilitate cross-site scripting attacks Successful ex ...

NVD-CWE-Other http://www.securityfocus.com/bid/9888 http://www.securityfocus.com/bid/9889 http://secunia.com/advisories/11142 http://www.osvdb.org/4310 http://www.osvdb.org/4311 http://securitytracker.com/id?1009440 http://marc.info/?l=bugtraq&m=107945556112453&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15495 https://nvd.nist.gov https://www.exploit-db.com/exploits/23822/

CVE-2004-1823

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect