functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.
Max CVSS
9.0
EPSS Score
3.10%
Published
2017-09-15
Updated
2017-09-29
vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter.
Max CVSS
6.1
EPSS Score
0.29%
Published
2020-02-10
Updated
2020-02-11
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
Max CVSS
6.8
EPSS Score
1.40%
Published
2010-03-23
Updated
2017-08-17
3 vulnerabilities found