Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in MKPortal 1.1 Rc1 and earlier, as used with vBulletin 3.5.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) u1, (2) m1, (3) m2, (4) m3, (5) m4 parameters.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.nukedx.com/?viewdoc=26 | x_refsource_MISC |
| http://securitytracker.com/id?1015977 | vdb-entry x_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/447195/100/0/threaded | mailing-list x_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/447303/100/0/threaded | mailing-list x_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2006/1485 | vdb-entry x_refsource_VUPEN |
| http://securityreason.com/securityalert/801 | third-party-advisory x_refsource_SREASON |
| http://www.securityfocus.com/bid/17651 | vdb-entry x_refsource_BID |
| http://www.securityfocus.com/bid/20232 | vdb-entry x_refsource_BID |
| http://www.osvdb.org/24901 | vdb-entry x_refsource_OSVDB |
| http://secunia.com/advisories/19786 | third-party-advisory x_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/431759/100/0/threaded | mailing-list x_refsource_BUGTRAQ |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.nukedx.com/?viewdoc=26 | x_refsource_MISC x_transferred |
| http://securitytracker.com/id?1015977 | vdb-entry x_refsource_SECTRACK x_transferred |
| http://www.securityfocus.com/archive/1/447195/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |
| http://www.securityfocus.com/archive/1/447303/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |
| http://www.vupen.com/english/advisories/2006/1485 | vdb-entry x_refsource_VUPEN x_transferred |
| http://securityreason.com/securityalert/801 | third-party-advisory x_refsource_SREASON x_transferred |
| http://www.securityfocus.com/bid/17651 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/bid/20232 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/24901 | vdb-entry x_refsource_OSVDB x_transferred |
| http://secunia.com/advisories/19786 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.securityfocus.com/archive/1/431759/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |