Vendor Dictionary: Jelsoft Enterprises Limited

Jelsoft Enterprises Limited

Short Name:	Jelsoft
Previous Names:	[None Entered]
URL:	http://www.vbulletin.com/ [visit link]
Email:	infovbulletin.com
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]

Vulnerabilities by Vendor Product

Jelsoft Enterprises Limited

Jelsoft Enterprises Limited

vBulletin: 2.0.x; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.0; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.1; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.2; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.3; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.4; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.5; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.6; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.7; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.8; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.2.9; OSVDB ID: 3280 vBulletin memberlist.php XSS; 2.0.3; OSVDB ID: 3299 vBulletin calendar.php comma Parameter Arbitrary Command Execution; 2.3.0; OSVDB ID: 3344 vBulletin calendar.php eventid Parameter SQL Injection; 2.3.1; OSVDB ID: 3344 vBulletin calendar.php eventid Parameter SQL Injection; OSVDB ID: 13150 vBulletin BBTag XSS; 2.3.2; OSVDB ID: 3344 vBulletin calendar.php eventid Parameter SQL Injection; 2.3.3; OSVDB ID: 3344 vBulletin calendar.php eventid Parameter SQL Injection; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.0 RC4; OSVDB ID: 4309 vBulletin private.php forward Parameter XSS; OSVDB ID: 5567 vBulletin admincp/index.php vb_login_username Parameter XSS; OSVDB ID: 5568 vBulletin modcp/index.php vb_login_username Parameter XSS; OSVDB ID: 4310 vBulletin forumdisplay.php order Parameter XSS; OSVDB ID: 4311 vBulletin showthread.php page Parameter XSS; 2.x; OSVDB ID: 4312 vBulletin memberlist.php what Parameter XSS; 3.0 Beta 2; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0 Beta 3; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0 Beta 4; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0 Beta 5; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0 Beta 6; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0 Beta 7; OSVDB ID: 6309 vBulletin register.php Multiple Parameter XSS; 3.0.1; OSVDB ID: 7256 vBulletin newreply.php WYSIWYG_HTML Parameter XSS; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.0 Beta 2; OSVDB ID: 9029 vBulletin private.php Preview Message XSS; 3.0.3; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; OSVDB ID: 9993 vBulletin authorize.php x_invoice_num Parameter SQL Injection; 3.0.5; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.4; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.2; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.0; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; OSVDB ID: 13150 vBulletin BBTag XSS; 2.3.4; OSVDB ID: 13150 vBulletin BBTag XSS; 2.3.5; OSVDB ID: 13150 vBulletin BBTag XSS; 3.0.8; OSVDB ID: 19534 vBulletin joinrequests.php request Parameter SQL Injection; OSVDB ID: 19538 vBulletin /admincp/css.php group Parameter XSS; OSVDB ID: 19544 vBulletin /modcp/announcement.php announcement Parameter SQL Injection; OSVDB ID: 19545 vBulletin /admincp/usertools.php POST Method Variable Manipulation; OSVDB ID: 19546 vBulletin /admincp/announcement.php XSS; OSVDB ID: 19547 vBulletin /admincp/admincalendar.php XSS; OSVDB ID: 19548 vBulletin /admincp/bbcode.php XSS; OSVDB ID: 19549 vBulletin /admincp/cronadmin.php XSS; OSVDB ID: 19550 vBulletin /admincp/email.php do Parameter XSS; OSVDB ID: 19551 vBulletin /admincp/faq.php do Parameter XSS; OSVDB ID: 19552 vBulletin /admincp/forum.php do Parameter XSS; OSVDB ID: 19553 vBulletin /admincp/image.php XSS; OSVDB ID: 19554 vBulletin /admincp/language.php XSS; OSVDB ID: 19555 vBulletin /admincp/ranks.php do Parameter XSS; OSVDB ID: 19556 vBulletin /admincp/replacement.php do Parameter XSS; OSVDB ID: 19557 vBulletin /admincp/template.php XSS; OSVDB ID: 19558 vBulletin /admincp/usergroup.php do Parameter XSS; OSVDB ID: 19559 vBulletin /admincp/usertitle.php ip Parameter XSS; OSVDB ID: 19562 vBulletin /admincp/admincalendar.php Multiple Parameter SQL Injection; OSVDB ID: 19563 vBulletin /admincp/cronlog.php cronid Parameter SQL Injection; OSVDB ID: 19564 vBulletin /admincp/email.php user Parameter SQL Injection; OSVDB ID: 19565 vBulletin /admincp/help.php help Parameter SQL Injection; OSVDB ID: 19566 vBulletin /admincp/language.php rvt Parameter SQL Injection; OSVDB ID: 19567 vBulletin /admincp/phrase.php keep Parameter SQL Injection; OSVDB ID: 19560 vBulletin File Upload Arbitrary Command Execution; OSVDB ID: 19539 vBulletin /admincp/index.php Multiple Parameter XSS; OSVDB ID: 19540 vBulletin /admincp/user.php email Parameter XSS; OSVDB ID: 19541 vBulletin /admincp/language.php goto Parameter XSS; OSVDB ID: 19542 vBulletin /admincp/modlog.php orderby Parameter XSS; OSVDB ID: 19543 vBulletin /admincp/template.php Multiple Parameter XSS; OSVDB ID: 19535 vBulletin /admincp/user.php Multiple Parameter SQL Injection; OSVDB ID: 19536 vBulletin /admincp/usertitle.php usertitleid Parameter SQL Injection; OSVDB ID: 19537 vBulletin /admincp/usertools.php ids Parameter SQL Injection; OSVDB ID: 19988 vBulletin /admincp/thread.php Multiple Parameter SQL Injection; OSVDB ID: 19989 vBulletin /admincp/template.php dostyleid Parameter SQL Injection; OSVDB ID: 19990 vBulletin /admincp/usertools.php thread Parameter SQL Injection; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.1; OSVDB ID: 21373 vBulletin Avatar URL Field XSS; OSVDB ID: 24691 vBulletin ImpEx Module ImpExController.php systempath Parameter Remote File Inclusion; OSVDB ID: 24690 vBulletin ImpEx Module ImpExModule.php systempath Parameter Remote File Inclusion; OSVDB ID: 24692 vBulletin ImpEx Module ImpExDisplay.php systempath Parameter Remote File Inclusion; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.0; OSVDB ID: 21373 vBulletin Avatar URL Field XSS; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.2; OSVDB ID: 22210 vBulletin calendar.php Add Reminder Field title Parameter XSS; OSVDB ID: 22220 vBulletin reminder.php Add Reminder Field title Parameter XSS; OSVDB ID: 24691 vBulletin ImpEx Module ImpExController.php systempath Parameter Remote File Inclusion; OSVDB ID: 24690 vBulletin ImpEx Module ImpExModule.php systempath Parameter Remote File Inclusion; OSVDB ID: 24692 vBulletin ImpEx Module ImpExDisplay.php systempath Parameter Remote File Inclusion; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.3; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.0 beta 3; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.6; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.7; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.9; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.10; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.11; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.0.12; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.0 Beta 1; OSVDB ID: 23614 vBulletin editpassword Function Email Field XSS; 3.5.4; OSVDB ID: 24691 vBulletin ImpEx Module ImpExController.php systempath Parameter Remote File Inclusion; OSVDB ID: 24690 vBulletin ImpEx Module ImpExModule.php systempath Parameter Remote File Inclusion; OSVDB ID: 24692 vBulletin ImpEx Module ImpExDisplay.php systempath Parameter Remote File Inclusion; OSVDB ID: 28210 vBulletin upgrade_301.php step Parameter Remote File Inclusion; 3.5.x; OSVDB ID: 27508 vBulletin member.php u Parameter XSS; 3.0.14; OSVDB ID: 27779 vBulletin global.php Encoded URL XSS; 3.5.4; OSVDB ID: 27777 vBulletin Unspecified XSS; OSVDB ID: 27778 vBulletin Attachment Handling .pdf File XSS; 3.0.14; OSVDB ID: 27777 vBulletin Unspecified XSS; OSVDB ID: 27778 vBulletin Attachment Handling .pdf File XSS; 2.3.9; OSVDB ID: 27777 vBulletin Unspecified XSS; OSVDB ID: 27778 vBulletin Attachment Handling .pdf File XSS; 3.6.10; OSVDB ID: 46185 vBulletin Unspecified XSS; 3.7.1; OSVDB ID: 46185 vBulletin Unspecified XSS; 3.6.8; OSVDB ID: 52944 vBulletin profile.php CSRF XSS Injection

WeBid: 0.5.4; OSVDB ID: 57579 WeBid logs/cron.log Direct Request Information Disclosure; OSVDB ID: 57578 WeBid Admin Panel username Parameter SQL Injection Authentication Bypass

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.