CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 2CVE-2004-2288 – vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing
https://notcve.org/view.php?id=CVE-2004-2288
Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter. • https://www.exploit-db.com/exploits/24124 http://www.infosecurity.org.cn/article/hacker/exploit/16557.html http://www.securityfocus.com/bid/10362 •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2004-0036
https://notcve.org/view.php?id=CVE-2004-0036
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter. Vulnerabilidad de inyección de SQL en calendar.php de vBulletin Forum 2.3.x permite a atacantes remotos robar información sensible mediante el parámetro eventid • http://marc.info/?l=bugtraq&m=107340358202123&w=2 http://www.osvdb.org/3344 http://www.securityfocus.com/bid/9360 http://www.vbulletin.com/forum/showthread.php?postid=588825 https://exchange.xforce.ibmcloud.com/vulnerabilities/14144 •