Vulnerabilities > Jelsoft > Vbulletin > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-30 | CVE-2007-2909 | Cross-Site Scripting vulnerability in vBulletin Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x before 3.6.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the vb_calendar366_xss_fix_plugin.xml update. network jelsoft | 3.5 |
2005-09-21 | CVE-2005-3021 | File-Upload vulnerability in vBulletin image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action. | 2.1 |