CVE-2007-0830 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager (2) User Rank Manager (3) User Title Manager (4) BB Code Manager (5) Attachment Manager (6) Calendar Manager and (7) Forums & Moderators functions. NOTE: the vendor disputes this issue stating that modifying HTML is an intended privilege of an administrator. NOTE: it is possible that this issue overlaps CVE-2006-6040.

Reference

http://osvdb.org/35152 http://secunia.com/advisories/24085 http://www.securityfocus.com/archive/1/459289/100/0/threaded http://www.securityfocus.com/archive/1/459367/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/32268

Share on: