vbulletin.com Cross Site Scripting vulnerability OBB-3874759

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability

Exploit Title: vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability + Discovered By: Dariush Nasirpour Net.Edit0r + My Homepage: black-hg.org / nasirpour.info + Date: 2015 27 February + Vendor Homepage: vBulletin.com + Tested on: vBulletin 4.2.2 + Greeting : Ali Razmjoo -...

vBulletin - Multiple Versions - Cross Site Script Redirection

No description provided by source. vBulletin - Cross Site Script Redirection Versions Affected: 3.8.4 / 3.7.6 / 3.6.12 Patches Available: 3.8.4PL1 / 3.7.6PL1 / 3.6.12PL1 Info: An XSS flaw within the user profile page has recently been discovered. This could allow an attacker to carry out an actio...