Vulnerabilities > CVE-2006-1673 - Cross-Site Scripting vulnerability in vBulletin

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
high complexity
jelsoft
exploit available
NVD
Published: 2006-04-07
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard vBug Tracker 3.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter.

Vulnerable Configurations

Part Description Count
Application
Jelsoft
1

Exploit-Db

descriptionvBulletin 3.5.1 Vbugs.PHP Cross-Site Scripting Vulnerability. CVE-2006-1673. Webapps exploit for php platform
idEDB-ID:27580
last seen2016-02-03
modified2006-04-07
published2006-04-07
reporterr0t
sourcehttps://www.exploit-db.com/download/27580/
titlevBulletin 3.5.1 Vbugs.PHP Cross-Site Scripting Vulnerability

References