Lucene search
+L

61 matches found

CVE
CVE
added 2005/06/28 4:0 a.m.72 views

CVE-2005-2060

Infopop UBB.Threads (before 6.5.2 Beta) is affected by HTTP Response Splitting in three scripts (toggleshow.php, togglecats.php, showprofile.php) via CRLF sequences in the Cat parameter. Root cause: insufficient input validation leads to remote spoofing of content and potential web-cache poisonin...

5CVSS6.6AI score0.01336EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.24 views

CVE-2005-2061

Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null %00 byte...

6.5AI score0.01336EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2005/06/28 12:0 a.m.6 views

PT-2005-3001 · Infopop · Ubb.Threads

Name of the Vulnerable Software and Affected Versions: Infopop UBB.Threads versions prior to 6.5.2 Beta Description: The issue concerns multiple cross-site request forgery CSRF vulnerabilities found in several PHP files, including addaddress.php, toggleignore.php, removeignore.php, and...

6.5CVSS7.1AI score0.0096EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/06/25 12:0 a.m.64 views

Infopop UBB Threads Multiple Vulnerabilities

GulfTech Security Research June 23rd, 2005 Vendor : Infopop Corporation URL : http://www.ubbcentral.com/ubbthreads/ Version : All Versions Prior To 6.5.2 Beta Risk : Multiple Vulnerabilities Description: UBB Threads is a very popular forum system developed by Infopop. There are a number of...

Exploits0
Packet Storm
Packet Storm
added 2005/06/25 12:0 a.m.38 views

ubb652.txt

GulfTech Security Research June 23rd, 2005 Vendor : Infopop Corporation URL : http://www.ubbcentral.com/ubbthreads/ Version : All Versions Prior To 6.5.2 Beta Risk : Multiple Vulnerabilities Description: UBB Threads is a very popular forum system developed by Infopop. There are a number of...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.23 views

CVE-2004-2509

Cross-site scripting XSS vulnerabilities in 1 calendar.php, 2 login.php, and 3 online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter...

4.3CVSS6.1AI score0.02233EPSS
Exploits1References8
NVD
NVD
added 2004/12/31 5:0 a.m.16 views

CVE-2004-2510

Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...

4.3CVSS5.8AI score0.03922EPSS
Exploits1References6
NVD
NVD
added 2003/08/18 4:0 a.m.14 views

CVE-2003-0587

Cross-site scripting XSS vulnerability in Infopop Ultimate Bulletin Board UBB 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie...

6.9CVSS6.1AI score0.00545EPSS
Exploits0References1
NVD
NVD
added 2002/05/16 4:0 a.m.12 views

CVE-2002-0223

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension...

7.5CVSS6.9AI score0.01771EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.22 views

CVE-2002-0223

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension...

6.9AI score0.01771EPSS
Exploits1References3
CVE
CVE
added 2002/05/03 4:0 a.m.45 views

CVE-2002-0223

CVE-2002-0223 affects Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9. The vulnerability allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension but ends with a different, non-accepted extension. The issue is a fi...

7.5CVSS7.3AI score0.01771EPSS
Exploits1References3Affected Software2
NVD
NVD
added 2002/03/25 5:0 a.m.15 views

CVE-2002-0118

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

7.5CVSS6.9AI score0.07101EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.21 views

CVE-2002-0118

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

6.9AI score0.07101EPSS
Exploits1References3
CVE
CVE
added 2002/03/15 5:0 a.m.48 views

CVE-2002-0118

The CVE-2002-0118 entry concerns Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0, where a cross‑site scripting (XSS) vulnerability exists. According to the description, remote attackers can execute arbitrary script and steal cookies by sending a message containing encoded Javascript ...

7.5CVSS7.3AI score0.07101EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.22 views

CVE-2001-0897

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB before 5.47e allows remote attackers to steal user cookies via an IMG tag that references an about: URL with an onerror field...

6.3AI score0.01878EPSS
Exploits0References2
CVE
CVE
added 2002/02/02 5:0 a.m.54 views

CVE-2001-0897

The CVE-2001-0897 issue affects Infopop Ultimate Bulletin Board (UBB) versions prior to 5.47e. A cross-site scripting flaw allows remote attackers to steal user cookies by exploiting an [IMG] tag that references an about: URL with an onerror field. The vulnerability is tied to the HTML/img handli...

5CVSS6.7AI score0.01878EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2001/11/15 5:0 a.m.13 views

CVE-2001-0897

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB before 5.47e allows remote attackers to steal user cookies via an IMG tag that references an about: URL with an onerror field...

5CVSS6.3AI score0.01878EPSS
Exploits0References2
CVE
CVE
added 2000/10/13 4:0 a.m.46 views

CVE-2000-0141

Infopop Ultimate Bulletin Board (UBB) is affected by CVE-2000-0141. The vulnerability allows remote attackers to execute commands by injecting shell metacharacters into the topic hidden field. Connected sources corroborate that this affects Infopop UBB, with the PT-2000-1126 entry noting that aff...

10CVSS7.6AI score0.0348EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.19 views

CVE-2000-0141

Infopop Ultimate Bulletin Board UBB allows remote attackers to execute commands via shell metacharacters in the topic hidden field...

7.2AI score0.0348EPSS
Exploits0References4
NVD
NVD
added 2000/02/11 5:0 a.m.17 views

CVE-2000-0141

Infopop Ultimate Bulletin Board UBB allows remote attackers to execute commands via shell metacharacters in the topic hidden field...

10CVSS7.2AI score0.0348EPSS
Exploits0References4
Rows per page
Query Builder