Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:55 p.m.8 views

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

4.8CVSS5.8AI score0.00553EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.12 views

CVE-2020-25124

The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php=rebuild= URI...

4.8CVSS5.8AI score0.00553EPSS
Exploits1
Packet Storm
Packet Storm
added 2020/12/07 12:0 a.m.477 views

vBulletin 5.6.3 Cross Site Scripting

Exploit Title: vBulletin 5.6.3 - 'group' Cross Site Scripting Date: 05.09.2020 Author: Vincent666 ibn Winnie Software Link: https://www.vbulletin.com/en/features/ Tested on: Windows 10 Web Browser: Mozilla Firefox & Opera Google Dorks: "Powered by vBulletin® Version 5.6.3" Go to the "Admin CP" -...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/09/04 12:0 a.m.2 views

vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50935)

vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Junior Member Title in the User Titl...

4.8CVSS6.2AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2020/09/03 6:15 p.m.11 views

CVE-2020-25123

The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1
OSV
OSV
added 2020/09/03 6:15 p.m.4 views

CVE-2020-25117

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

4.8CVSS5.8AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2020/09/03 6:15 p.m.16 views

CVE-2020-25121

The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options...

4.8CVSS4.9AI score0.00669EPSS
Exploits1References1
NVD
NVD
added 2020/09/03 6:15 p.m.13 views

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

4.8CVSS4.9AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2020/09/03 6:15 p.m.14 views

CVE-2020-25122

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2020/09/03 6:15 p.m.14 views

CVE-2020-25118

The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1
Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Cross site scripting

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.14 views

Cross site scripting

The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...

3.5CVSS4.8AI score0.00663EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.12 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager...

3.5CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.13 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

3.5CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.14 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.18 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options...

3.5CVSS4.8AI score0.00669EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/03 6:15 p.m.15 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager...

3.5CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:20 p.m.55 views

CVE-2020-25115

Vulnerability overview: CVE-2020-25115 affects vBulletin 5.6.3 Admin CP, enabling cross-site scripting (XSS) via an Occupation Title or Description in the User Profile Field Manager. Affected component is the Admin CP interface; root cause aligns with input handling in profile field manager allow...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:20 p.m.47 views

CVE-2020-25116

The CVE-2020-25116 entry identifies a cross-site scripting (XSS) vulnerability in the Admin CP of vBulletin 5.6.3, exploitable via the Announcement Title to Channel Manager. Concrete details in connected documents confirm the affected product/version and the exact vulnerable component (Admin CP/C...

4.8CVSS4.8AI score0.00553EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/03 5:20 p.m.45 views

CVE-2020-25117

CVE-2020-25117 affects vBulletin 5.6.3: the Admin CP is vulnerable to cross-site scripting via the Junior Member Title field in the User Title Manager. The public records describe a stored/reflected XSS path within the Admin Control Panel, with CVSS v3.1 base score 4.8 (MEDIUM) and CVSSv2 base sc...

4.8CVSS4.7AI score0.00553EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder