Unrated severityNVD Advisory· Published Jan 4, 2006· Updated Jun 16, 2026
CVE-2006-0080
CVE-2006-0080
Description
Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the title of an event, which is not properly filtered by (1) calendar.php and (2) reminder.php.
Affected products
2Patches
Vulnerability mechanics
References
8- kapda.ir/advisory-177.htmlnvdExploitVendor Advisory
- secunia.com/advisories/18299nvd
- www.osvdb.org/22210nvd
- www.osvdb.org/22220nvd
- www.securityfocus.com/archive/1/420663/100/0/threadednvd
- www.securityfocus.com/archive/1/421310/100/0/threadednvd
- www.securityfocus.com/bid/16116nvd
- www.vupen.com/english/advisories/2006/0033nvd
News mentions
0No linked articles in our index yet.