cpe:/a:jelsoft:vbulletin:1.0.1::lite cpe:/a:jelsoft:vbulletin:2.0.3 cpe:/a:jelsoft:vbulletin:2.0_rc2 cpe:/a:jelsoft:vbulletin:2.0_rc3 cpe:/a:jelsoft:vbulletin:2.2.0 cpe:/a:jelsoft:vbulletin:2.2.1 cpe:/a:jelsoft:vbulletin:2.2.2 cpe:/a:jelsoft:vbulletin:2.2.3 cpe:/a:jelsoft:vbulletin:2.2.4 cpe:/a:jelsoft:vbulletin:2.2.5 cpe:/a:jelsoft:vbulletin:2.2.6 cpe:/a:jelsoft:vbulletin:2.2.7 cpe:/a:jelsoft:vbulletin:2.2.8 cpe:/a:jelsoft:vbulletin:2.2.9 cpe:/a:jelsoft:vbulletin:2.3.0 cpe:/a:jelsoft:vbulletin:2.3.2 cpe:/a:jelsoft:vbulletin:2.3.3 cpe:/a:jelsoft:vbulletin:2.3.4 cpe:/a:jelsoft:vbulletin:3.0_beta_2 cpe:/a:jelsoft:vbulletin:3.0_beta_3 cpe:/a:jelsoft:vbulletin:3.0_beta_4 cpe:/a:jelsoft:vbulletin:3.0_beta_5 cpe:/a:jelsoft:vbulletin:3.0_beta_6 cpe:/a:jelsoft:vbulletin:3.0_beta_7 cpe:/a:jelsoft:vbulletin:3.0_gamma CVE-2004-2288 2004-12-31T00:00:00.000-05:00 2008-09-05T16:43:42.907-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-08-05T09:42:00.000-04:00 BID 10362 MISC http://www.infosecurity.org.cn/article/hacker/exploit/16557.html Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter.