Vbulletin Luki w zabezpieczeniach

Oś czasu

Wersja

2.2.014
3.0 Beta 213
3.0.113
2.2.113
2.2.213

Przeciwdziałanie

Official Fix35
Temporary Fix0
Workaround1
Unavailable15
Not Defined61

Wykorzystywanie

High27
Functional0
Proof-of-Concept20
Unproven2
Not Defined63

Wektor dostępu

Not Defined0
Physical0
Local1
Adjacent0
Network111

Uwierzytelnianie

Not Defined0
High11
Low20
None81

Interakcja z użytkownikiem

Not Defined0
Required57
None55

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤47
≤541
≤68
≤719
≤823
≤912
≤102

CVSSv3 Temp

≤10
≤20
≤30
≤49
≤543
≤68
≤727
≤814
≤910
≤101

VulDB

≤10
≤20
≤30
≤418
≤531
≤66
≤721
≤829
≤95
≤102

NVD

≤10
≤20
≤30
≤40
≤512
≤61
≤75
≤80
≤93
≤108

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k16
<2k51
<5k43
<10k0
<25k1
<50k1
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k112
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Versions (150): 1.0.1, 1.1.5, 2.0, 2.0 Beta 2, 2.0 Beta 3, 2.0 Rc2, 2.0 Rc3, 2.0.1, 2.0.2, 2.0.3, 2.1.9, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.2.9 Can, 2.3, 2.3.2, 2.3.3, 2.3.4, 2.3.8, 3, 3.0, 3.0 Beta 2, 3.0 Beta 3, 3.0 Beta 4, 3.0 Beta 5, 3.0 Beta 6, 3.0 Beta 7, 3.0 Gamma, 3.0.0 Beta 2, 3.0.0 Can4, 3.0.0 Rc4, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.12, 3.5, 3.5.0 Beta 1, 3.5.0 Beta 2, 3.5.0 Beta 3, 3.5.0 Beta 4, 3.5.0 Rc1, 3.5.0 Rc2, 3.5.0 Rc3, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.5.8, 3.6, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.7, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.8.7, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.11, 4.1.12, 4.2, 4.2.1, 4.2.2, 4.2.2 PL4, 4.2.3, 4.2.4, 4.4.2, 5, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.1, 5.1.1, 5.1.1 Alpha 9, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7, 5.1.8, 5.1.9, 5.2, 5.2.1, 5.2.2, 5.3, 5.4, 5.4.3, 5.5, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.6, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.7.5, 6

Typ oprogramowania: Forum Software

OpublikowanoBaseTempSłaby punkt0dayDzisiajWykPrzCTICVE
2023-09-164.44.4vBulletin Admin Control Panel cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2023-39777
2023-02-038.58.4vBulletin HTTP Request verify_serialized privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-25135
2020-11-018.08.0vBulletin subWidgets Data widget_tabbedcontainer_tab_panel privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-7373
2020-09-034.14.1vBulletin attachment.php&do=rebuild&type cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2020-25124
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25123
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25122
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25121
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25120
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25119
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25118
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25117
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25116
2020-09-034.14.1vBulletin Admin CP cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25115
2020-08-128.58.5vBulletin Incomplete Fix CVE-2019-16759 widget_tabbedcontainer_tab_panel privilege escalation$0-$5k$0-$5kHighNot Defined0.00CVE-2020-17496
2020-05-088.58.2vBulletin Access Control privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-12720
2019-10-084.84.8vBulletin getHookList sql injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-17271
2019-10-048.58.5vBulletin Avatar privilege escalation$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2019-17132
2019-10-045.35.2vBulletin privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-17131
2019-10-046.56.5vBulletin URL vurl.php privilege escalation$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2019-17130
2019-09-248.58.5vBulletin widget_php privilege escalation$0-$5k$0-$5kHighNot Defined0.05CVE-2019-16759
2018-10-176.66.6vBulletin Redirect$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2018-15493
2018-01-256.66.6vBulletin redirector.php Redirect$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2018-6200
2017-12-148.58.1vBulletin cacheTemplates unserialize privilege escalation$0-$5k$0-$5kProof-of-ConceptNot Defined0.00CVE-2017-17672
2017-12-148.18.1vBulletin directory traversal$0-$5k$0-$5kHighNot Defined0.00CVE-2017-17671
2017-09-196.46.4vBulletin Private Message privilege escalation$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2015-3419

87 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 87 results.

PoprzedniPrzeglądKolejny

Do you know our Splunk app?

Download it now for free!