CVE-2018-12580

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session'useragent' in the "Login Sessions" feature...

EUVD-2012-6515

Malware in sbrugna...

EUVD-2018-4540

Malware in sbrugna...

EUVD-2012-6526

Malware in sbrugna...

vBulletin 4.2.5 Member Map 1.1.2 Open Redirection

Exploit Title : vBulletin 4.2.5 Member Map 1.1.2 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link : dragonbyte-tech.com/store/member-map.229/ Software Affect...

vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection

Exploit Title : vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/03/2019 Vendor Homepages : vbulletin.com dragonbyte-tech.com Software Information Link :...

vBulletin 4.2.3 vBSecurity 2.2.2 Pro Open Redirection

Exploit Title : vBulletin 4.2.3 vBSecurity v2.2.2 Pro Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 01/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link : dragonbyte-tech.com/store/vbsecurity.123/ Software...

vBulletin 4.x.x DragonByte SEO 2.0.31 Open Redirection

Exploit Title : vBulletin 4.x.x DragonByte SEO v2.0.31 Pro Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/02/2019 Vendor Homepages : vbulletin.com dragonbyte-tech.com Vendor Name : DragonByte Technologies Software Information Link :...

DragonByte vBSecurity for vBulletin Cross-Site Scripting Vulnerability

DragonByte vBSecurity for vBulletin is a suite of vBulletin-based security protection software for web sites from DragonByte Technologies, Scotland. The software monitors configuration file changes, user logins, and alerts you when your website's security is threatened. A cross-site scripting...

CVE-2018-12580

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session'useragent' in the "Login Sessions" feature...

Design/Logic Flaw

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session'useragent' in the "Login Sessions" feature...

CVE-2018-12580

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session'useragent' in the "Login Sessions" feature...

CVE-2018-12580

CVE-2018-12580 affects DragonByte vBSecurity 3.x up to 3.3.0 for vBulletin 3/4. The issue is a self-XSS in the Login Sessions feature caused by untrusted input in the session field $session['user_agent'], enabling an attacker to inject script/HTML. The Red Hat entry and CNVD/NVD records corrobora...

DragonByte Technologies vBDownloads for vBulletin Cross-Site Scripting Vulnerability

DragonByte Technologies vBDownloads for vBulletin is a download module for vBulletin open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in the downloads/actions/editdownload.php file in DragonByte Technologies vBDownloads f...

DragonByte Technologies Forumon RPG for vBulletin Cross-Site Scripting Vulnerability

DragonByte Technologies Forumon RPG for vBulletin is a forum role-playing module for vBulletin, the open-source commercial Web forum program, from DragonByte Technologies of Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies Forumon RPG for vBulletin version 1.0.7. A...

DragonByte Technologies vBShout for vBulletin Cross-Site Scripting Vulnerability (CNVD-2018-02534)

DragonByte Technologies vBShout for vBulletin is a module with posting and replying functionality for vBulletin, the open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies vBShout for vBulletin versio...

Cross site scripting

Cross-site scripting XSS vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for vBulletin allows remote attackers to inject arbitrary web script or HTML via the mirrors parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the DragonByte Technologies vbActivity module before 3.0.1 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the reason parameter in 1 actions/nominatemedal.php or 2 actions/requestmedal.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the 1 reportreason parameter in actions/doreport.php or 2 modnotes parameter in...

CVE-2012-6682

Cross-site scripting XSS vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for vBulletin allows remote attackers to inject arbitrary web script or HTML via the mirrors parameter...