Show filters
119 Total Results
Displaying 11-20 of 119
Sort by:
Attacker Value
Unknown

CVE-2020-25121

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25123

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25119

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25115

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25122

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25116

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25120

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-25124

Disclosure Date: September 03, 2020 (last updated November 28, 2024)
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-17271

Disclosure Date: October 08, 2019 (last updated November 27, 2024)
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17131

Disclosure Date: October 04, 2019 (last updated November 27, 2024)
vBulletin before 5.5.4 allows clickjacking.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  < Previous  Next >