CGI abuses : XSS : VBulletin Event Title HTML Injection Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56893

Categoría: CGI abuses : XSS

Título: VBulletin Event Title HTML Injection Vulnerability

Resumen: NOSUMMARY

Descripción: Description:
The remote version of vBulletin, according to its version
number, is vulnerable to an input validation vulnerability
in event titles which are then rendered unfiltered in 'calendar.php'
and 'reminder.php'.

Versions up to 3.5.2 are thought to be vulnerable.

Solution : Upgrade to 3.5.3 or later.
http://www.vbulletin.com/

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: BugTraq ID: 16116
Common Vulnerability Exposure (CVE) ID: CVE-2006-0080
http://www.securityfocus.com/bid/16116
Bugtraq: 20060101 [KAPDA::#19] - Html Injection in vBulletin 3.5.2 (Google Search)
http://www.securityfocus.com/archive/1/420663/100/0/threaded
Bugtraq: 20060108 Html_Injection in vBulletin 3.5.2 (Google Search)
http://www.securityfocus.com/archive/1/421310/100/0/threaded
Bugtraq: 20060110 Re: Html_Injection in vBulletin 3.5.2 (Google Search)
http://kapda.ir/advisory-177.html
http://www.osvdb.org/22210
http://www.osvdb.org/22220
http://secunia.com/advisories/18299
http://www.vupen.com/english/advisories/2006/0033

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56893
Categoría:	CGI abuses : XSS
Título:	VBulletin Event Title HTML Injection Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of vBulletin, according to its version number, is vulnerable to an input validation vulnerability in event titles which are then rendered unfiltered in 'calendar.php' and 'reminder.php'. Versions up to 3.5.2 are thought to be vulnerable. Solution : Upgrade to 3.5.3 or later. http://www.vbulletin.com/ Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	BugTraq ID: 16116 Common Vulnerability Exposure (CVE) ID: CVE-2006-0080 http://www.securityfocus.com/bid/16116 Bugtraq: 20060101 [KAPDA::#19] - Html Injection in vBulletin 3.5.2 (Google Search) http://www.securityfocus.com/archive/1/420663/100/0/threaded Bugtraq: 20060108 Html_Injection in vBulletin 3.5.2 (Google Search) http://www.securityfocus.com/archive/1/421310/100/0/threaded Bugtraq: 20060110 Re: Html_Injection in vBulletin 3.5.2 (Google Search) http://kapda.ir/advisory-177.html http://www.osvdb.org/22210 http://www.osvdb.org/22220 http://secunia.com/advisories/18299 http://www.vupen.com/english/advisories/2006/0033
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com