Jelsoft: >> Vbulletin >> 2.3.8 Security Vulnerabilities
SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote attackers to execute arbitrary SQL commands via the templatesused parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2006-10-03
Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg.
CVSS Score
4.3
EPSS Score
0.003
Published
2005-12-31