Medium severity6.5NVD Advisory· Published Sep 19, 2017· Updated Jun 17, 2026
CVE-2015-3419
CVE-2015-3419
Description
vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_11:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_11:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_28:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:beta1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.3:alpha5:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.5:beta_1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.5:beta_3:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.6:beta_2:*:*:*:*:*:*
- (no CPE)range: 5.x through 5.1.6
Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2015/04/24/4nvdMailing ListThird Party Advisory
- www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4319488-security-patch-released-for-vbulletin-5-1-4-5-1-6-and-vbulletin-cloudnvdVendor Advisory
News mentions
0No linked articles in our index yet.