Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2002-1678 | Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits. |
Assigned (20050621) | BID:4349 | URL:http://www.securityfocus.com/bid/4349 | BUGTRAQ:20020322 RE: memberlist.php of vBulletin | URL:http://online.securityfocus.com/archive/1/264023/2002-11-01/2002-11-07/2 | BUGTRAQ:20020322 memberlist.php of vBulletin | URL:http://online.securityfocus.com/archive/1/263609 | XF:vbulletin-memberlist-execute-code(8619) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/8619 |
Page created: