Vbulletin Security Vulnerabilities and Issues — Vbulletin CVE List

Lucene search

JelsoftVbulletin

3 matches found

CVE•added 2004/09/01 4:0 a.m.•48 views

CVE-2004-0036

SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter.

5CVSS7.2AI score0.00401EPSS

CVE•added 2004/12/06 5:0 a.m.•40 views

CVE-2004-0620

Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel.

4.3CVSS5.8AI score0.03792EPSS

CVE•added 2004/02/17 5:0 a.m.•39 views

CVE-2004-0091

NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, say...

4.3CVSS6.2AI score0.00427EPSS