Lucene search
K

167 matches found

Exploit DB
Exploit DB
added 2008/09/02 12:0 a.m.35 views

UBBCentral UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection

source: https://www.securityfocus.com/bid/31074/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7.4AI score
Exploits0
NVD
NVD
added 2007/04/11 1:19 a.m.23 views

CVE-2007-1956

SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter...

7.5CVSS8.4AI score0.00978EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/04/11 1:0 a.m.27 views

CVE-2007-1956

SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter...

8.4AI score0.00978EPSS
Exploits0References4
CVE
CVE
added 2007/04/11 1:0 a.m.58 views

CVE-2007-1956

The CVE-2007-1956 entry describes an SQL injection in ubbthreads.php of Groupee UBB.threads

7.5CVSS8.4AI score0.00978EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2007/04/10 12:0 a.m.21 views

ubb-sql.txt

UBB.threads SQL Injection Vulnerability The variable 'C' in UBB.threads is susceptible to SQL injection. Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' Vulnerable: UBB.threads = 6.1.1 Google d0rk: allintitle:"Forums powered by UBB.threads" John Martinelli [email protected]...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/09 12:0 a.m.28 views

UBBCentral UBB.Threads 6.1.1 - 'UBBThreads.php' SQL Injection

source: https://www.securityfocus.com/bid/23369/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/04/09 12:0 a.m.11 views

UBBCentral UBB.Threads 6.1.1 - UBBThreads.php SQL Injection

UBBCentral UBB.Threads 6.1.1 - UBBThreads.php SQL Injection source: https://www.securityfocus.com/bid/23369/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow a...

Exploits0
securityvulns
securityvulns
added 2007/04/09 12:0 a.m.56 views

UBB.threads (<= 6.1.1) SQL Injection Vulnerability

UBB.threads SQL Injection Vulnerability The variable 'C' in UBB.threads is susceptible to SQL injection. Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' Vulnerable: UBB.threads = 6.1.1 Google d0rk: allintitle:"Forums powered by UBB.threads" John Martinelli [email protected]...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2006/10/04 12:0 a.m.62 views

UBB.threads-6.txt

Hello,, UBB.threads Multiple input validation error Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on Version 6 6.5.1.1 and other versions maybe affected Remote File including :...

7.4AI score
Exploits0
NVD
NVD
added 2006/10/03 4:3 a.m.15 views

CVE-2006-5138

Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message...

5CVSS6.1AI score0.01457EPSS
Exploits1References4
NVD
NVD
added 2006/10/03 4:3 a.m.15 views

CVE-2006-5137

Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...

5.1CVSS7.6AI score0.0214EPSS
Exploits1References4
NVD
NVD
added 2006/10/03 4:3 a.m.19 views

CVE-2006-5136

Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSthispath or 2 GLOBALSconfigdir parameter...

7.5CVSS7.6AI score0.01566EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/10/02 8:0 p.m.20 views

CVE-2006-5138

Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message...

6.1AI score0.01457EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/10/02 8:0 p.m.25 views

CVE-2006-5136

Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSthispath or 2 GLOBALSconfigdir parameter...

7.6AI score0.01566EPSS
Exploits1References4
CVE
CVE
added 2006/10/02 8:0 p.m.58 views

CVE-2006-5136

UBB.threads 6.5.1.1 contains multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php that allow remote attackers to execute arbitrary PHP code via a URL provided to GLOBALS[thispath] or GLOBALS[configdir]. Root cause is improper handling of user-supplied URLs in these globals. The CVE ...

7.5CVSS8AI score0.01566EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2006/10/02 8:0 p.m.22 views

CVE-2006-5137

Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...

7.6AI score0.0214EPSS
Exploits1References4
CVE
CVE
added 2006/10/02 8:0 p.m.291 views

CVE-2006-5137

CVE-2006-5137 affects Groupee UBB.threads 6.5.1.1 and enables remote PHP code injection through multiple vectors: (1) theme[] via admin/doedittheme.php into includes/theme.inc.php; (2) config[] via admin/doeditconfig.php into includes/config.inc.php; and (3) a URL in config[path] exploited to run...

5.1CVSS7.6AI score0.0214EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2006/10/02 8:0 p.m.59 views

CVE-2006-5138

CVE-2006-5138 affects Groupee UBB.threads 6.5.1.1. The vulnerability allows remote attackers to obtain sensitive information via a direct request to cron/php/subscriptions.php, which reveals the installation path in an error message. This is a information disclosure issue reported in multiple sou...

5CVSS6.5AI score0.01457EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/09/30 12:0 a.m.35 views

UBB.threads doeditconfig Arbitrary Command Injection

The version of UBB.threads installed on the remote host fails to sanitize input to the 'thispath' and 'config' parameters of the 'admin/doeditconfig.php' script before using them to update the application's configuration file. Provided PHP's 'registerglobals' setting is enabled, an unauthenticate...

5.1CVSS5.9AI score0.0214EPSS
Exploits1References4
securityvulns
securityvulns
added 2006/09/29 12:0 a.m.168 views

UBB.threads Multiple input validation error

Hello,, UBB.threads Multiple input validation error Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on Version 6 6.5.1.1 and other versions maybe affected Remote File including :...

0.8AI score
Exploits0
Rows per page
Query Builder