VYPR

Vbseo

by Vbseo

CVEs (4)

  • CVE-2014-9463HigSep 15, 2017
    risk 0.61cvss 8.8epss 0.15

    functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.

  • CVE-2012-5223Oct 1, 2012
    risk 0.06cvss epss 0.41

    The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted into a regular expression…

  • CVE-2010-1077Mar 23, 2010
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.

  • CVE-2012-6666Feb 10, 2020
    risk 0.00cvss epss 0.01

    vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter.