Lucene search
+L

129 matches found

Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Cross site scripting

The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...

3.5CVSS4.8AI score0.00663EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.18 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options...

3.5CVSS4.8AI score0.00669EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.13 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

3.5CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.13 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.12 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager...

3.5CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Cross site scripting

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:20 p.m.56 views

CVE-2020-25115

Vulnerability overview: CVE-2020-25115 affects vBulletin 5.6.3 Admin CP, enabling cross-site scripting (XSS) via an Occupation Title or Description in the User Profile Field Manager. Affected component is the Admin CP interface; root cause aligns with input handling in profile field manager allow...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:20 p.m.48 views

CVE-2020-25116

The CVE-2020-25116 entry identifies a cross-site scripting (XSS) vulnerability in the Admin CP of vBulletin 5.6.3, exploitable via the Announcement Title to Channel Manager. Concrete details in connected documents confirm the affected product/version and the exact vulnerable component (Admin CP/C...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/03 5:20 p.m.17 views

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

4.8AI score0.00553EPSS
Exploits1References1
CVE
CVE
added 2020/09/03 5:20 p.m.46 views

CVE-2020-25117

CVE-2020-25117 affects vBulletin 5.6.3: the Admin CP is vulnerable to cross-site scripting via the Junior Member Title field in the User Title Manager. The public records describe a stored/reflected XSS path within the Admin Control Panel, with CVSS v3.1 base score 4.8 (MEDIUM) and CVSSv2 base sc...

4.8CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/03 5:20 p.m.18 views

CVE-2020-25117

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

4.8AI score0.00553EPSS
Exploits1References1
CVE
CVE
added 2020/09/03 5:19 p.m.56 views

CVE-2020-25118

The CVE-2020-25118 entry relates to vBulletin 5.6.3 Admin CP, where the Style Options Settings Title in Styles Manager is susceptible to XSS. Affected component is the Admin CP’s Styles Manager Style Options Settings heading, with the underlying issue enabling cross-site scripting. The NVD provid...

4.8CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/03 5:19 p.m.16 views

CVE-2020-25118

The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager...

4.8AI score0.00553EPSS
Exploits1References1
CVE
CVE
added 2020/09/03 5:19 p.m.50 views

CVE-2020-25119

The CVE-2020-25119 entry describes a cross-site scripting (XSS) vulnerability in vBulletin 5.6.3 where an attacker can inject script via the Title of a Child Help Item in the Login/Logoff section of the User Manual in Admin CP. Public references confirm this vulnerability and its presence across ...

4.8CVSS4.8AI score0.00663EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/03 5:19 p.m.18 views

CVE-2020-25120

The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI...

4.9AI score0.00553EPSS
Exploits1References1
CVE
CVE
added 2020/09/03 5:19 p.m.48 views

CVE-2020-25120

The CVE-2020-25120 entry affects vBulletin Admin Control Panel in version 5.6.3, where an XSS vulnerability exists in the admincp/search.php?do=dosearch URI. The vulnerability enables cross‑site scripting with a low overall severity (NVD CVSS v2 base score 3.5; CVSS v3.1 base score 4.8) and impac...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:19 p.m.47 views

CVE-2020-25121

Affected software: vBulletin 5.6.3 Admin CP. Vulnerability: cross-site scripting (XSS) via the Paid Subscription Email Notification field in the Options. Root cause: input in that field is not properly sanitized, enabling injection in the Admin CP context. Impact: XSS could affect authenticated a...

4.8CVSS4.8AI score0.00669EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/03 5:19 p.m.19 views

CVE-2020-25121

The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options...

4.9AI score0.00669EPSS
Exploits1References1
Rows per page
Query Builder