Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.5 views

CVE-2003-1031

Cross-site scripting XSS vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as 1 "Interests-Hobbies", 2 "Biography", or 3 "Occupation."...

4.3CVSS6AI score0.01394EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 p.m.7 views

CVE-2020-17496

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widgettabbedcontainertabpanel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759...

9.8CVSS7.2AI score0.99728EPSS
Exploits28
RedhatCVE
RedhatCVE
added 2025/05/22 5:34 a.m.5 views

CVE-2012-4686

SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter...

7.5CVSS8.8AI score0.01106EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:32 p.m.5 views

CVE-2006-2805

SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter...

5CVSS8.8AI score0.00883EPSS
Exploits1References1
OSV
OSV
added 2020/08/12 2:15 p.m.6 views

CVE-2020-17496

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widgettabbedcontainertabpanel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759...

9.8CVSS5.9AI score0.8774EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.18 views

vBulletin 5.5.x < 5.5.2 Patch Level 2 Multiple Vulnerabilities

According to the self-reported version in its response header, the version of vBulletin hosted on the remote web server is 5.5.x 5.5.2 Patch Level 2, 5.5.3 5.5.3 Patch Level 2 or 5.5.4 5.5.4 Patch Level 2. It is, therefore, affected by multiples vulnerabilities : - A SQL injection vulnerability v...

9.8CVSS10AI score0.1178EPSS
Exploits6References5
Packet Storm
Packet Storm
added 2019/09/24 12:0 a.m.987 views

vBulletin 5.x Pre-Auth Remote Code Execution

!/usr/bin/python vBulletin 5.x 0day pre-auth RCE exploit This should work on all versions from 5.0.0 till 5.5.4 Google Dorks: - site:.vbulletin.net - "Powered by vBulletin Version 5.5.4" import requests import sys if lensys.argv != 2: sys.exit"Usage: %s " % sys.argv0 params =...

0.2AI score
Exploits0
0day.today
0day.today
added 2012/12/03 12:0 a.m.28 views

vBulletin 3.x <= 4.2.0 FAQ (Echo config) trick

By using this codes, you can echo config.php information, such as host, username and password. Go to acp, Faq Manager and then edit a FAQ, add the following code: $vbulletin-config'MasterServer''servername' $vbulletin-config'MasterServer''username' $vbulletin-config'MasterServer''password'...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/05/23 12:0 a.m.46 views

vBulletin 4.0.x 4.1.2 - &#039;search.php&#039; SQL Injection

==================================================================== vBulletin 4.0.x = 4.1.2 search.php SQL Injection Vulnerability ==================================================================== 888 d8 888 888 ,d d8 e88\888 d88 888-\ 888 e 888-88e ,d888 d88 d888 888 d888 888 888d8b 888 888b...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/02/15 12:0 a.m.14 views

vBulletin v 4.0.1 XSS Vulnerability

Exploit for unknown platform in category web applications =================================== vBulletin v 4.0.1 XSS Vulnerability =================================== + Script: vBulletin Version 4.0.1 + Vendor: www.vbulletin.com + Author: W4n73d Bug: Cross Site Scripting XSS Exploit:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/01/30 12:0 a.m.26 views

vBulletin version 4.0.1 remote SQL injection exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print q vBulletin Version 4.0.1 Remote SQL Injection Exploit By indoushka www.iq-ty.com/vb Souk Naamane 00213771818860 Algeria Hackerz [email protected] Dork: Powered by vBulletin Version 4.0.1 ; if !$ARGV2 print q Usage: perl...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/06/19 12:0 a.m.62 views

vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index

====================================================================== Advisory : XSS in modcp index Release Date : June 17th 2008 Application : vBulletin Version : vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1 and lower Platform : PHP Vendor URL : http://www.vbulletin.com/ Authors : Jessic...

6.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/08/01 12:0 a.m.5 views

PT-2007-5322 · Vbulletin Solutions · Vbulletin

Name of the Vulnerable Software and Affected Versions: vBulletin version 3.6.5 Description: Multiple PHP remote file inclusion issues allow remote attackers to execute arbitrary PHP code via a URL in the classfile parameter to "includes/functions.php", the nextitem parameter to "includes/function...

9.3CVSS7.6AI score0.02145EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2006/08/21 12:0 a.m.5 views

PT-2006-5082 · Jelsoft · Vbulletin

Name of the Vulnerable Software and Affected Versions: Jelsoft vBulletin version 3.5.4 Description: The issue allows remote attackers to register multiple arbitrary users, potentially causing a denial of service due to resource consumption. This can be achieved by sending a large number of reques...

7.5CVSS7.5AI score0.01468EPSS
Exploits0References5
exploitpack
exploitpack
added 2005/09/19 12:0 a.m.14 views

vBulletin 1.0.1 lite2.x3.0 - admincpusertitle.php?usertitleid SQL Injection

vBulletin 1.0.1 lite2.x3.0 - admincpusertitle.php?usertitleid SQL Injection source: https://www.securityfocus.com/bid/14872/info vBulletin is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/02/22 12:0 a.m.36 views

vBulletin 3.0.6 - PHP Code Injection

Tested on vBulletin Version 3.0.1 /str0ke http://www.xxx.net/misc.php?do=page&template=$systemid SCAN Associates Security Advisory http://www.scan-associates.net Proof of concept ================ http://site.com/misc.php?do=page&template=$phpinfo milw0rm.com 2005-02-22...

7AI score
Exploits0
securityvulns
securityvulns
added 2005/02/15 12:0 a.m.34 views

vbulletin 3.0.x PHP code execution

Vulnerable Systems: ---------------- vBulletin version 3.0 up to and including version 3.0.4 Immune systems: ---------------- vBulletin version 3.0.5 vBulletin version 3.0.6 Vulnerable code in forumdisplay.php : if $vboptions'showforumusers' . . . . if $bbuserinfo'userid' . . . . $comma = ', ';...

1.4AI score
Exploits0
Rows per page
Query Builder