MidnightBSD

Advisories for jelsoft

CVE-2001-0475 HIGH

index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin *
CVE-2002-1660 HIGH

calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
jelsoft vbulletin *
CVE-2002-1678 MEDIUM

Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.1
jelsoft vbulletin 2.2.2
CVE-2002-1679 MEDIUM

Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.2.0
CVE-2002-1922 MEDIUM

Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.1
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
CVE-2002-2235 MEDIUM

member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.2.9_can
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.0.2
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.6
jelsoft vbulletin 2.2.1
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.0.1
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.0
jelsoft vbulletin 2.2.8
CVE-2003-0295 MEDIUM

Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.0_beta_2
CVE-2004-0036 MEDIUM

SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.3.0
CVE-2004-0091 MEDIUM

NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying "There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0_beta_2
CVE-2004-0620 MEDIUM

Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.1
CVE-2004-1515 HIGH

SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 3.0.0
jelsoft vbulletin 3.0.0_beta_2
jelsoft vbulletin 3.0.0_can4
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.1
jelsoft vbulletin 3.0.2
jelsoft vbulletin 3.0.4
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0.5
jelsoft vbulletin 3.0.0_rc4
CVE-2004-1823 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.0
jelsoft vbulletin 3.0.0_can4
CVE-2004-2076 MEDIUM

Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.0_rc4
CVE-2004-2288 MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 2.3.4
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2004-2695 HIGH

SQL injection vulnerability in the Authorize.net callback code (subscriptions/authorize.php) in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via the x_invoice_num parameter. NOTE: this issue might be related to CVE-2006-4267.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 3.0.2
point-to-point_protocol_project point-to-point_protocol 2.4.1
jelsoft vbulletin 3.0_beta_3
CVE-2005-0429 MEDIUM

Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.1
jelsoft vbulletin 3.0.2
jelsoft vbulletin 3.0.4
CVE-2005-0511 HIGH

misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.0_can4
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.0.2
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 2.0_beta_2
jelsoft vbulletin 2.0_beta_3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.0.1
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.0
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.0_beta_2
jelsoft vbulletin 2.2.9_can
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.0_rc4
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 3.0.0
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
CVE-2005-3019 HIGH

Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute arbitrary SQL commands via the (1) request parameter to joinrequests.php, (2) limitnumber or (3) limitstart to user.php, (4) usertitle.php, or (5) usertools.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3020 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby parameter to modlog.php, and the (6) hex, (7) rgb, or (8) expandset parameter to template.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.9
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3021 LOW

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.9
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3022 HIGH

Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid parameter to user.php, (3) calendar parameter to admincalendar.php, (4) cronid parameter to cronlog.php, (5) usergroupid parameter to email.php, (6) help parameter to help.php, (7) rvt parameter to language.php, (8) keep parameter to phrase.php, or (9) updateprofilepic parameter to usertools.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.9
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3023 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.9
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3024 HIGH

Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, the (2) thread[forumid] or (3) criteria parameters to thread.php, (4) userid parameter to user.php, the (5) calendarcustomfieldid, (6) calendarid, (7) moderatorid, (8) holidayid, (9) calendarmoderatorid, or (10) calendar[0] parameters to admincalendar.php, (11) the cronid parameter to cronlog.php, (12) user[usergroupid][0] parameter to email.php, (13) help[0] parameter to help.php, the (14) limitnumber or (15) limitstart parameter to user.php, the (16) usertitleid or (17) ids parameters to usertitle.php, (18) rvt[0] parameter to language.php, (19) keep[0] parameter to phrase.php, (20) dostyleid parameter to template.php, (21) thread[forumid] parameter to thread.php, or (22) usertools.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-3025 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) admincp/index.php, or the ip parameter to (3) modcp/user.php or (4) admincp/usertitle.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2005-4621 MEDIUM

Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.8
jelsoft vbulletin 2.2.0
jelsoft vbulletin 2.2.5
jelsoft vbulletin 2.3.0
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0_gamma
jelsoft vbulletin 2.2.4
jelsoft vbulletin 2.2.6
jelsoft vbulletin 3.0.7
jelsoft vbulletin 1.0.1
jelsoft vbulletin 3.0_beta_4
jelsoft vbulletin 3.0_beta_5
jelsoft vbulletin 3.0
jelsoft vbulletin 2.0_rc3
jelsoft vbulletin 3.0.2
jelsoft vbulletin 2.2.3
jelsoft vbulletin 2.2.7
jelsoft vbulletin 2.2.2
jelsoft vbulletin 2.2.8
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 2.2.9
jelsoft vbulletin 3.0.10
jelsoft vbulletin 2.2.1
jelsoft vbulletin 3.0.9
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 2.0.3
jelsoft vbulletin 3.0_beta_6
jelsoft vbulletin 2.0_rc2
jelsoft vbulletin 2.3.2
jelsoft vbulletin 3.0_beta_7
jelsoft vbulletin 3.5.1
jelsoft vbulletin 3.0.1
jelsoft vbulletin 2.3.4
jelsoft vbulletin 2.3.8
jelsoft vbulletin 3.0.5
jelsoft vbulletin 2.3.3
jelsoft vbulletin 3.0_beta_3
CVE-2006-0080 MEDIUM

Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the title of an event, which is not properly filtered by (1) calendar.php and (2) reminder.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.2
CVE-2006-1040 MEDIUM

Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.3
jelsoft vbulletin 3.0.12
CVE-2006-1382 HIGH

PHP remote file inclusion vulnerability in impex/ImpExData.php in vBulletin ImpEx module 1.74, when register_globals is disabled, allows remote attackers to include arbitrary files via the systempath parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft impex *
CVE-2006-1673 LOW

Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard vBug Tracker 3.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbug_tracker *
CVE-2006-1816 MEDIUM

PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote attackers to execute arbitrary code via a URL in the systempath parameter to (1) ImpExModule.php, (2) ImpExController.php, and (3) ImpExDisplay.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.2
jelsoft vbulletin 3.5.1
jelsoft vbulletin 3.5.4
CVE-2006-2018 HIGH

SQL injection vulnerability in calendar.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL commands via the eventid parameter. NOTE: the affected version has been disputed by the vendor. It appears that this is the same issue as CVE-2004-0036, which was fixed in 2.3.4.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.0_beta_2
jelsoft vbulletin 3.0.0_can4
jelsoft vbulletin 3.0.3
jelsoft vbulletin 3.0.4
jelsoft vbulletin 3.0.6
jelsoft vbulletin 3.0.0_rc4
jelsoft vbulletin 3.0_beta_2
jelsoft vbulletin 3.0.0
jelsoft vbulletin 3.0
jelsoft vbulletin 3.0.1
jelsoft vbulletin 3.0.2
jelsoft vbulletin 3.0.12
jelsoft vbulletin 3.0.5
CVE-2006-2335 MEDIUM

Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contains PHP code, then selecting the file via the style chooser, which causes the PHP code to be executed. NOTE: the vendor was unable to reproduce this issue in 3.5.x. NOTE: this issue might be due to direct static code injection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.8
CVE-2006-2805 MEDIUM

SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.0.10
CVE-2006-3253 LOW

Cross-site scripting (XSS) vulnerability in member.php in vBulletin 3.5.x allows remote attackers to inject arbitrary web script or HTML via the u parameter. NOTE: the vendor has disputed this report, stating that they have been unable to replicate the issue and that "the userid parameter is run through our filtering system as an unsigned integer.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.0_rc3
jelsoft vbulletin 3.5.2
jelsoft vbulletin 3.5.0_beta_3
jelsoft vbulletin 3.5.0_rc1
jelsoft vbulletin 3.5.0_beta_1
jelsoft vbulletin 3.5.0_beta_2
jelsoft vbulletin 3.5.1
jelsoft vbulletin 3.5.0_beta_4
jelsoft vbulletin 3.5.0
jelsoft vbulletin 3.5.3
jelsoft vbulletin 3.5.0_rc2
CVE-2006-4271 HIGH

PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter. NOTE: the vendor has disputed this vulnerability, saying "The default vBulletin requires authentication prior to the usage of the upgrade system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.4
CVE-2006-4272 HIGH

Jelsoft vBulletin 3.5.4 allows remote attackers to register multiple arbitrary users and cause a denial of service (resource consumption) via a large number of requests to register.php. NOTE: the vendor has disputed this vulnerability, stating "If you have the CAPTCHA enabled then the registrations wont even go through. ... if you are talking about the flood being allowed in the first place then surely this is something that should be handled at the server level.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.5.4
CVE-2007-0830 LOW

Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manager, (3) User Title Manager, (4) BB Code Manager, (5) Attachment Manager, (6) Calendar Manager, and (7) Forums & Moderators functions. NOTE: the vendor disputes this issue, stating that modifying HTML is an intended privilege of an administrator. NOTE: it is possible that this issue overlaps CVE-2006-6040

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.6.4
CVE-2007-4120 HIGH

Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states "further investigation has revealed that the application is not vulnerable to this issue." The original researcher also has a history of erroneous claims

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.6.5
CVE-2007-4453 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.8 allow remote attackers to inject arbitrary web code or HTML via the (1) s parameter to index.php, and the (2) q parameter to (a) faq.php, (b) member.php, (c) memberlist.php, (d) calendar.php, (e) search.php, (f) forumdisplay.php, (g) showgroups.php, (h) online.php, and (i) sendmessage.php. NOTE: these issues have been disputed by the vendor, stating "I can't reproduce a single one of these". The researcher is known to be unreliable

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jelsoft vbulletin 3.6.8