CGI abuses : XSS : vBulletin Vbugs.PHP Cross-Site Scripting

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.56882
Category:	CGI abuses : XSS
Title:	vBulletin Vbugs.PHP Cross-Site Scripting
Summary:	NOSUMMARY
Description:	Description: The remote version of vBulletin, according to its version number, is vulnerable to a cross site scripting attack in the 'vbugs.php' script as a result of insufficient sanitization of the 'sortorder' parameter. Version 3.5.1 is known to be vulnerable, earlier versions may also be vulnerable. Solution : Upgrade to a later version. http://www.vbulletin.com/ Risk factor : Medium CVSS Score: 2.6
Cross-Ref:	BugTraq ID: 17407 Common Vulnerability Exposure (CVE) ID: CVE-2006-1673 http://www.securityfocus.com/bid/17407 http://pridels0.blogspot.com/2006/04/vbug-tracker-for-vbulletin-35x-xss.html http://www.osvdb.org/24448 http://secunia.com/advisories/19562 http://www.vupen.com/english/advisories/2006/1267 XForce ISS Database: vbulletin-vbugtracker-vbugs-xss(25649) https://exchange.xforce.ibmcloud.com/vulnerabilities/25649
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com