Vulnerabilities > Vbulletin

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-16	CVE-2023-39777	Cross-site Scripting vulnerability in Vbulletin A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter. network low complexity vbulletin CWE-79	5.4
2023-02-03	CVE-2023-25135	Deserialization of Untrusted Data vulnerability in Vbulletin 5.6.7/5.6.8/5.6.9 vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. network low complexity vbulletin CWE-502 critical	9.8
2020-10-30	CVE-2020-7373	Command Injection vulnerability in Vbulletin vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. network low complexity vbulletin CWE-77	7.5
2020-09-03	CVE-2020-25124	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25123	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25122	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25121	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25120	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25119	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual. network vbulletin CWE-79	3.5
2020-09-03	CVE-2020-25118	Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager. network vbulletin CWE-79	3.5

Vulnerabilities > Vbulletin {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vbulletin"}]}

Vulnerabilities > Vbulletin