CVE-2002-2235
member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which caus
member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other attacks.
MEDIUM · CVSS 5
EPSS 0.00568
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0