Lucene search
+L

133 matches found

Cvelist
Cvelist
added 2007/05/30 10:0 a.m.20 views

CVE-2007-2911

SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin before 3.6.6 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached After" field GPC'search''datelineafter' variable, a related issue to CVE-2007-1573...

7.9AI score0.01305EPSS
Exploits0References3
Prion
Prion
added 2007/03/21 9:19 p.m.26 views

Sql injection

SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field...

6CVSS8.2AI score0.00903EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2007/03/21 9:19 p.m.18 views

CVE-2007-1573

SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field...

6CVSS7.8AI score0.00903EPSS
Exploits1References4
CVE
CVE
added 2007/03/21 9:0 p.m.60 views

CVE-2007-1573

CVE-2007-1573 affects Jelsoft vBulletin 3.6.5. The vulnerability is an SQL injection in admincp/attachment.php via the Attached Before field, enabling remote authenticated administrators to execute arbitrary SQL commands. The connected sources cite the same vector and impact; no patch/version rem...

6CVSS7.8AI score0.00903EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2007/03/21 9:0 p.m.26 views

CVE-2007-1573

SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field...

7.8AI score0.00903EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2007/03/06 12:0 a.m.22 views

vbul365-rssxss.txt

vBulletin® v3.6.5 has an xss vuln in admincp/index.php in rss feed . exactlly in add rss url by adding : "alertdocument.cookie; a cool messege box appear with cookies ; earlier versions affected also . ----------------------------------------------------------------------------- Discovered by...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/03/02 12:0 a.m.77 views

vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.

vBulletin® v3.6.5 has an xss vuln in admincp/index.php in rss feed . exactlly in add rss url by adding : "scriptalertdocument.cookie;/script a cool messege box appear with cookies ; earlier versions affected also . -----------------------------------------------------------------------------...

1.9AI score
Exploits0
CVE
CVE
added 2007/02/09 7:0 p.m.52 views

CVE-2007-0869

CVE-2007-0869 affects Jelsoft vBulletin 3.6.4: an XSS vulnerability in the Attachment Manager (admincp/attachment.php) allows remote attackers to inject arbitrary script/HTML via the Extension field. The entry cites a possible duplicate of CVE-2007-0830 and notes uncertain provenance (information...

4.3CVSS5.4AI score0.01022EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/02/07 10:0 p.m.57 views

CVE-2007-0830

CVE-2007-0830 documents multiple XSS vulnerabilities in the Admin Control Panel of vBulletin 3.6.4. The issues allow remote authenticated administrators to inject arbitrary script/HTML via various AdminCP managers (User Group/Rank/Title, BB Code, Attachment, Calendar, Forums & Moderators). Vendor...

3.5CVSS5.5AI score0.00868EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2007/02/07 12:0 a.m.7 views

PT-2007-2273 · Vbulletin · Vbulletin

Name of the Vulnerable Software and Affected Versions: vBulletin version 3.6.4 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP of vBulletin. These vulnerabilities allow remote authenticated administrators to inject arbitrary web...

3.5CVSS5.7AI score0.00868EPSS
Exploits0References8
CVE
CVE
added 2006/11/22 12:0 a.m.61 views

CVE-2006-6040

CVE-2006-6040 affects Jelsoft vBulletin 3.6.x, specifically admincp/index.php. The vulnerability is due to cross-site scripting (XSS) via two parameters: prefs in a buildnavprefs action and navprefs in a savenavprefs action, enabling remote attackers to inject arbitrary script/HTML. Public refere...

6.8CVSS5.8AI score0.02227EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2006/10/27 4:0 p.m.39 views

CVE-2006-5561

The CVE refers to SQL injection in Discuz! GBK 5.0.0 via the cdb_auth cookie in admincp.php, enabling remote attackers to run arbitrary SQL commands. Affected software: Discuz! with GBK encoding, version 5.0.0. Root cause: unsafely parsed cookie value leads to SQL injection. Impact per sources: p...

7.5CVSS8.7AI score0.01054EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2005/09/19 12:0 a.m.15 views

vBulletin 1.0.1 lite2.x3.0 - admincpusertools.php?ids SQL Injection

vBulletin 1.0.1 lite2.x3.0 - admincpusertools.php?ids SQL Injection source: https://www.securityfocus.com/bid/14872/info vBulletin is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in S...

0.1AI score
Exploits0
Rows per page
Query Builder