2 matches found
CVE-2006-6040
CVE-2006-6040 affects Jelsoft vBulletin 3.6.x, specifically admincp/index.php. The vulnerability is due to cross-site scripting (XSS) via two parameters: prefs in a buildnavprefs action and navprefs in a savenavprefs action, enabling remote attackers to inject arbitrary script/HTML. Public refere...
PT-2006-6687 · Vbulletin Solutions · Vbulletin
Name of the Vulnerable Software and Affected Versions: vBulletin versions 3.6.x Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting XSS attacks. This can be achieved via the prefs parameter in a "buildnavprefs" action ...