RSS   Vulnerabilities for 'Vbulletin'   RSS

2020-09-03
 
CVE-2020-25124

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI.

 
 
CVE-2020-25123

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager.

 
 
CVE-2020-25122

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager.

 
 
CVE-2020-25121

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options.

 
 
CVE-2020-25120

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI.

 
 
CVE-2020-25119

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual.

 
 
CVE-2020-25118

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager.

 
 
CVE-2020-25117

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager.

 
 
CVE-2020-25116

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager.

 
 
CVE-2020-25115

CWE-79
 

 
The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager.

 


Copyright 2021, cxsecurity.com

 

Back to Top