CVE-2006-0080

Published: Jan 4, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the title of an event, which is not properly filtered by (1) calendar.php and (2) reminder.php.

Affected (1)

Products: Jelsoft: Vbulletin

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jelsoft Vbulletin	Version 3.5.2

References (16)

http://kapda.ir/advisory-177.html

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/18299

Source: cve@mitre.org

http://www.osvdb.org/22210

Source: cve@mitre.org

http://www.osvdb.org/22220

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/420663/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/421310/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16116

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0033

Source: cve@mitre.org

http://kapda.ir/advisory-177.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://secunia.com/advisories/18299

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/22210

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/22220

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/420663/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/421310/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16116

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0033

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.