EUVD-2020-17808

Malware in sbrugna...

CVE-2024-13704

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stusertitle' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

Cross site scripting

UNSUPPORTED WHEN ASSIGNED The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50935)

vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Junior Member Title in the User Titl...

CVE-2020-25117

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

CVE-2020-25117

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

CVE-2020-25117

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...

CVE-2007-0830

Multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the 1 User Group Manager, 2 User Rank Manager, 3 User Title Manager, ...

CVE-2007-0830

Multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the 1 User Group Manager, 2 User Rank Manager, 3 User Title Manager, ...

PT-2007-2273 · Vbulletin · Vbulletin

Name of the Vulnerable Software and Affected Versions: vBulletin version 3.6.4 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP of vBulletin. These vulnerabilities allow remote authenticated administrators to inject arbitrary web...

VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability

VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker could exploit this vulnerability to have arbitrary script code execute in the...