Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and previous versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter in a lostpw action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vbulletin vbulletin 4.0.7 |
||
vbulletin vbulletin 4.0.6 |
||
vbulletin vbulletin 4.0.5 |
||
vbulletin vbulletin 4.0.4 |
||
vbulletin vbulletin 4.1.1 |
||
vbulletin vbulletin 4.0.8 |
||
vbulletin vbulletin 4.0.3 |
||
vbulletin vbulletin 4.0.1 |
||
vbulletin vbulletin |
||
vbulletin vbulletin 4.1.2 |
||
vbulletin vbulletin 4.1 |
||
vbulletin vbulletin 4.0.2 |
||
vbulletin vbulletin 4.0.0 |