CVE-2008-2744

Cross-site scripting (XSS) vulnerability in vBulletin 3.6.10 and 3.7.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors and an "obscure method." NOTE: the vector is probably in the redirect parameter to the Admin Control Panel (admincp/index.php).
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vbulletin:vbulletin:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:vbulletin:vbulletin:3.6.10:*:*:*:*:*:*:*

Information

Published : 2008-06-17 08:41

Updated : 2018-10-11 13:42


NVD link : CVE-2008-2744

Mitre link : CVE-2008-2744


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

vbulletin

  • vbulletin