exploits , vulnerabilities , articles , JelSoft VBulletin Multiple Module Index.PHP Cross-Site Scripting Vulnerabilities

Title	JelSoft VBulletin Multiple Module Index.PHP Cross-Site Scripting Vulnerabilities
Published	2004-03-22-12:00AM
Updated	2004-03-22-05:38PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Disclosure of this issue is credited to JeiAr <security@gulftech.org>.
Vulnerable	Jelsoft vBulletin 3.0 .0 can4 Jelsoft vBulletin 3.0 .0 Jelsoft vBulletin 2.3.4 Jelsoft vBulletin 2.3.3 Jelsoft vBulletin 2.3 Jelsoft vBulletin 2.2.9 can Jelsoft vBulletin 2.2.8 Jelsoft vBulletin 2.2.7 Jelsoft vBulletin 2.2.6 Jelsoft vBulletin 2.2.5 Jelsoft vBulletin 2.2.4 Jelsoft vBulletin 2.2.3 Jelsoft vBulletin 2.2.2 Jelsoft vBulletin 2.2.1 Jelsoft vBulletin 2.2 .0 Apache Software Foundation Apache 1.3.17 Apache Software Foundation Apache 1.3.19 Apache Software Foundation Apache 1.3.20 Apache Software Foundation Apache 1.3.22 Apache Software Foundation Apache for Windows 1.3.17 Apache Software Foundation Apache for Windows 1.3.19 Apache Software Foundation Apache for Windows 1.3.20 Microsoft IIS 3.0 Microsoft IIS 4.0 Microsoft IIS 5.0 Jelsoft vBulletin 2.0.2 Jelsoft vBulletin 2.0.1 Jelsoft vBulletin 2.0 beta 3 Jelsoft vBulletin 2.0 beta 2 Jelsoft vBulletin 2.0
Not Vulnerable
Code	An exploit is not required to leverage this issue. The following proof of concept has been provided: http://www.example.com/admincp/index.php?vb_login_username=[XSS] http://www.example.com/modcp/index.php?vb_login_username=[XSS]
TXT