CVE-2004-1824

Jelsoft vBulletin <3.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sp.IC · phpwebappsphp

https://www.exploit-db.com/exploits/22030

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15495

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/6226

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1009440

[Exploit] http://www.securityfocus.com/bid/9887

[Mailing List] http://marc.info/?l=bugtraq&m=107945556112453&w=2

[Third Party Advisory] http://www.iss.net/security_center/static/10679.php

[Third Party Advisory, VDB Entry] http://www.osvdb.org/4312

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-11/0276.html

[Patch] http://secunia.com/advisories/11142

Scores

EPSS 0.0125

EPSS Percentile 79.4%

Details

Status published

Published Dec 31, 2004

Tracked Since Feb 18, 2026