Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2002-1922

Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.

  • Published: Dec 31, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-1922
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
jelsoft / vbulletin 2.2.0 2.2.0.x
jelsoft / vbulletin 2.0_rc2 2.0_rc2.x
jelsoft / vbulletin 2.0_rc3 2.0_rc3.x
jelsoft / vbulletin 2.2.1 2.2.1.x
jelsoft / vbulletin 2.2.7 2.2.7.x
jelsoft / vbulletin 2.2.4 2.2.4.x
jelsoft / vbulletin 2.2.2 2.2.2.x
jelsoft / vbulletin 2.2.5 2.2.5.x
jelsoft / vbulletin 2.2.6 2.2.6.x
jelsoft / vbulletin 2.2.8 2.2.8.x
jelsoft / vbulletin 2.2.3 2.2.3.x