CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39777
https://notcve.org/view.php?id=CVE-2023-39777
A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) en el Panel de Control de Administración de vBulletin 5.7.5 y 6.0.0 permite a los atacantes ejecutar scripts web o HTML arbitrarias a través del parámetro de URL /login.php?do=login. • https://gist.github.com/GiongfNef/8fe658dce4c7fcf3a7b4e6387e50141c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 79%CPEs: 1EXPL: 2CVE-2020-7373 – vBulletin 5.x Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-7373
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496. CVE-2020-17496 is the preferred CVE ID to track this vulnerability. vBulletin versiones 5.5.4 hasta 5.6.2, permite una ejecución de comandos remota por medio de datos subWidgets diseñados en una petición de ajax/render/widget_tabbedcontainer_tab_panel. NOTA: este problema se presenta debido a una corrección incompleta para el CVE-2019-16759. • https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4445227-vbulletin-5-6-0-5-6-1-5-6-2-security-patch https://github.com/rapid7/metasploit-framework/pull/13970 https://seclists.org/fulldisclosure/2020/Aug/5 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 97%CPEs: 1EXPL: 4CVE-2020-17496 – vBulletin PHP Module Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17496
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. vBulletin versiones 5.5.4 hasta 5.6.2, permite una ejecución de comandos remota por medio de datos de subWidgets diseñados en una petición de ajax /render/widget_tabbedcontainer_tab_panel. NOTA: este problema se presenta debido a una corrección incompleta para CVE-2019-16759 The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759. • https://github.com/ctlyz123/CVE-2020-17496 https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail https://cwe.mitre.org/data/definitions/78.html https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4445227-vbulletin-5-6-0-5-6-1-5-6-2-security-patch https://seclists.org/fulldisclosure/2020/Aug/5 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/vbulletin_widget_template_rce.rb • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 83%CPEs: 4EXPL: 1CVE-2020-12720 – vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection
https://notcve.org/view.php?id=CVE-2020-12720
vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control. vBulletin versiones anteriores a 5.5.6pl1, versiones 5.6.0 anteriores a 5.6.0pl1 y versiones 5.6.1 anteriores a 5.6.1pl1, presenta un control de acceso incorrecto. vBulletin version 5.6.1 suffers from a remote SQL injection vulnerability. • http://packetstormsecurity.com/files/157716/vBulletin-5.6.1-SQL-Injection.html http://packetstormsecurity.com/files/157904/vBulletin-5.6.1-SQL-Injection.html https://attackerkb.com/topics/RSDAFLik92/cve-2020-12720-vbulletin-incorrect-access-control https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4440032-vbulletin-5-6-1-security-patch-level-1 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/vbulletin_getindexablecontent.rb • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-306: Missing Authentication for Critical Function •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2019-17271 – vBulletin 5.5.4 SQL Injection
https://notcve.org/view.php?id=CVE-2019-17271
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter. vBulletin versión 5.5.4, permite la inyección de SQL por medio del parámetro where del archivo ajax/api/hook/getHookList o ajax/api/widget/getWidgetList. vBulletin versions 5.5.4 and below suffer from multiple remote SQL injection vulnerabilities. • http://packetstormsecurity.com/files/154758/vBulletin-5.5.4-SQL-Injection.html https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •