Vulnerabilities > CVE-2002-1922 - Cross-Site Scripting vulnerability in Multiple VBulletin

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

jelsoft

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.

Vulnerable Configurations

Part	Description	Count
Application	Jelsoft Jelsoft Vbulletin 2.0_Rc2 Jelsoft Vbulletin 2.0_Rc3 Jelsoft Vbulletin 2.2.0 Jelsoft Vbulletin 2.2.1 Jelsoft Vbulletin 2.2.2 Jelsoft Vbulletin 2.2.3 Jelsoft Vbulletin 2.2.4 Jelsoft Vbulletin 2.2.5 Jelsoft Vbulletin 2.2.6 Jelsoft Vbulletin 2.2.7 Jelsoft Vbulletin 2.2.8	11

Exploit-Db

description	VBulletin 2.0/2.2.x Cross Site Scripting Vulnerabilities. CVE-2002-1922 . Webapps exploit for java platform
id	EDB-ID:21946
last seen	2016-02-02
modified	2002-10-18
published	2002-10-18
reporter	Sp.IC
source	https://www.exploit-db.com/download/21946/
title	VBulletin 2.0/2.2.x - Cross-Site Scripting Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References