CVE

Id
14226  
CVE No.
CVE-2005-3020  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby parameter to modlog.php, and the (6) hex, (7) rgb, or (8) expandset parameter to template.php.  
Phase
Assigned (20050921)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
105781 14226 CVE-2005-3020 BUGTRAQ:20050918 [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of)  View
105782 14226 CVE-2005-3020 URL:http://marc.info/?l=bugtraq&m=112715150320677&w=2  View
105783 14226 CVE-2005-3020 MISC:http://morph3us.org/advisories/20050917-vbulletin-3.0.8.txt  View
105784 14226 CVE-2005-3020 BID:14874  View
105785 14226 CVE-2005-3020 URL:http://www.securityfocus.com/bid/14874  View
105786 14226 CVE-2005-3020 SECUNIA:16873  View
105787 14226 CVE-2005-3020 URL:http://secunia.com/advisories/16873/  View
105788 14226 CVE-2005-3020 XF:vbulletin-xss(22324)  View

Related JVN