CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4621

Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.4%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2005-4621

Jelsoft » Vbulletin » Version: 1.0.1

cpe:2.3:a:jelsoft:vbulletin:1.0.1
Jelsoft » Vbulletin » Version: 2.0.3

cpe:2.3:a:jelsoft:vbulletin:2.0.3
Jelsoft » Vbulletin » Version: 2.0_rc2

cpe:2.3:a:jelsoft:vbulletin:2.0_rc2
Jelsoft » Vbulletin » Version: 2.0_rc3

cpe:2.3:a:jelsoft:vbulletin:2.0_rc3
Jelsoft » Vbulletin » Version: 2.2.0

cpe:2.3:a:jelsoft:vbulletin:2.2.0
Jelsoft » Vbulletin » Version: 2.2.1

cpe:2.3:a:jelsoft:vbulletin:2.2.1
Jelsoft » Vbulletin » Version: 2.2.2

cpe:2.3:a:jelsoft:vbulletin:2.2.2
Jelsoft » Vbulletin » Version: 2.2.3

cpe:2.3:a:jelsoft:vbulletin:2.2.3
Jelsoft » Vbulletin » Version: 2.2.4

cpe:2.3:a:jelsoft:vbulletin:2.2.4
Jelsoft » Vbulletin » Version: 2.2.5

cpe:2.3:a:jelsoft:vbulletin:2.2.5
Jelsoft » Vbulletin » Version: 2.2.6

cpe:2.3:a:jelsoft:vbulletin:2.2.6
Jelsoft » Vbulletin » Version: 2.2.7

cpe:2.3:a:jelsoft:vbulletin:2.2.7
Jelsoft » Vbulletin » Version: 2.2.8

cpe:2.3:a:jelsoft:vbulletin:2.2.8
Jelsoft » Vbulletin » Version: 2.2.9

cpe:2.3:a:jelsoft:vbulletin:2.2.9
Jelsoft » Vbulletin » Version: 2.3.0

cpe:2.3:a:jelsoft:vbulletin:2.3.0
Jelsoft » Vbulletin » Version: 2.3.2

cpe:2.3:a:jelsoft:vbulletin:2.3.2
Jelsoft » Vbulletin » Version: 2.3.3

cpe:2.3:a:jelsoft:vbulletin:2.3.3
Jelsoft » Vbulletin » Version: 2.3.4

cpe:2.3:a:jelsoft:vbulletin:2.3.4
Jelsoft » Vbulletin » Version: 2.3.8

cpe:2.3:a:jelsoft:vbulletin:2.3.8
Jelsoft » Vbulletin » Version: 3.0

cpe:2.3:a:jelsoft:vbulletin:3.0
Jelsoft » Vbulletin » Version: 3.0.1

cpe:2.3:a:jelsoft:vbulletin:3.0.1
Jelsoft » Vbulletin » Version: 3.0.10

cpe:2.3:a:jelsoft:vbulletin:3.0.10
Jelsoft » Vbulletin » Version: 3.0.2

cpe:2.3:a:jelsoft:vbulletin:3.0.2
Jelsoft » Vbulletin » Version: 3.0.3

cpe:2.3:a:jelsoft:vbulletin:3.0.3
Jelsoft » Vbulletin » Version: 3.0.4

cpe:2.3:a:jelsoft:vbulletin:3.0.4
Jelsoft » Vbulletin » Version: 3.0.5

cpe:2.3:a:jelsoft:vbulletin:3.0.5
Jelsoft » Vbulletin » Version: 3.0.6

cpe:2.3:a:jelsoft:vbulletin:3.0.6
Jelsoft » Vbulletin » Version: 3.0.7

cpe:2.3:a:jelsoft:vbulletin:3.0.7
Jelsoft » Vbulletin » Version: 3.0.8

cpe:2.3:a:jelsoft:vbulletin:3.0.8
Jelsoft » Vbulletin » Version: 3.0.9

cpe:2.3:a:jelsoft:vbulletin:3.0.9
Jelsoft » Vbulletin » Version: 3.0_beta_2

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_2
Jelsoft » Vbulletin » Version: 3.0_beta_3

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_3
Jelsoft » Vbulletin » Version: 3.0_beta_4

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_4
Jelsoft » Vbulletin » Version: 3.0_beta_5

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_5
Jelsoft » Vbulletin » Version: 3.0_beta_6

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_6
Jelsoft » Vbulletin » Version: 3.0_beta_7

cpe:2.3:a:jelsoft:vbulletin:3.0_beta_7
Jelsoft » Vbulletin » Version: 3.0_gamma

cpe:2.3:a:jelsoft:vbulletin:3.0_gamma
Jelsoft » Vbulletin » Version: 3.5.1

cpe:2.3:a:jelsoft:vbulletin:3.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4621

Products

Pricing

Contact Us