4.3

CVE-2005-3023

Exploit

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php.

Data is provided by the National Vulnerability Database (NVD)
JelsoftVbulletin Version1.0.1 Editionlite
JelsoftVbulletin Version2.0.3
JelsoftVbulletin Version2.0_rc2
JelsoftVbulletin Version2.0_rc3
JelsoftVbulletin Version2.2.0
JelsoftVbulletin Version2.2.1
JelsoftVbulletin Version2.2.2
JelsoftVbulletin Version2.2.3
JelsoftVbulletin Version2.2.4
JelsoftVbulletin Version2.2.5
JelsoftVbulletin Version2.2.6
JelsoftVbulletin Version2.2.7
JelsoftVbulletin Version2.2.8
JelsoftVbulletin Version2.2.9
JelsoftVbulletin Version2.3.0
JelsoftVbulletin Version2.3.2
JelsoftVbulletin Version2.3.3
JelsoftVbulletin Version2.3.4
JelsoftVbulletin Version3.0
JelsoftVbulletin Version3.0.1
JelsoftVbulletin Version3.0.2
JelsoftVbulletin Version3.0.3
JelsoftVbulletin Version3.0.4
JelsoftVbulletin Version3.0.5
JelsoftVbulletin Version3.0.6
JelsoftVbulletin Version3.0.7
JelsoftVbulletin Version3.0.8
JelsoftVbulletin Version3.0.9
JelsoftVbulletin Version3.0_beta_2
JelsoftVbulletin Version3.0_beta_3
JelsoftVbulletin Version3.0_beta_4
JelsoftVbulletin Version3.0_beta_5
JelsoftVbulletin Version3.0_beta_6
JelsoftVbulletin Version3.0_beta_7
JelsoftVbulletin Version3.0_gamma
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.35% 0.545
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N