CPE Details
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:vbulletin:vbulletin:5.6.3:*:*:*:*:*:*:*
Informations
Vendor
vbulletinProduct
vbulletinVersion
5.6.3Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter. | 5.4 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager. | 4.8 |
Medium |
||
| The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI. | 4.8 |
Medium |
||
| Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter. | 6.8 |
2025©
tesweb SA
