Vbulletin@3.6.0 Security Vulnerabilities and Issues — Vbulletin@3.6.0 CVE List

Lucene search

JelsoftVbulletin3.6.0

3 matches found

CVE•added 2006/11/22 12:7 a.m.•47 views

CVE-2006-6040

Multiple cross-site scripting (XSS) vulnerabilities in admincp/index.php in Jelsoft vBulletin 3.6.x allow remote attackers to inject arbitrary web script or HTML via (1) the prefs parameter in a buildnavprefs action or (2) the navprefs parameter in a savenavprefs action.

6.8CVSS5.8AI score0.01005EPSS

CVE•added 2006/12/28 12:28 a.m.•37 views

CVE-2006-6779

Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbitrary web script or HTML via an SWF file that uses ActionScript to trigger execution of JavaScript.

6.8CVSS6.1AI score0.00825EPSS

CVE•added 2006/08/21 9:4 p.m.•33 views

CVE-2006-4273

Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote attackers to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explorer 6.

6.8CVSS5.9AI score0.00725EPSS