20 matches found
EUVD-2006-0552
Malware in sbrugna...
EUVD-2006-5121
Malware in sbrugna...
EUVD-2006-5123
Malware in sbrugna...
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter...
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter...
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter...
CVE-2007-1956
The CVE-2007-1956 entry describes an SQL injection in ubbthreads.php of Groupee UBB.threads
CVE-2006-5136
Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSthispath or 2 GLOBALSconfigdir parameter...
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...
CVE-2006-5138
Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message...
CVE-2006-5137
CVE-2006-5137 affects Groupee UBB.threads 6.5.1.1 and enables remote PHP code injection through multiple vectors: (1) theme[] via admin/doedittheme.php into includes/theme.inc.php; (2) config[] via admin/doeditconfig.php into includes/config.inc.php; and (3) a URL in config[path] exploited to run...
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...
CVE-2006-5138
CVE-2006-5138 affects Groupee UBB.threads 6.5.1.1. The vulnerability allows remote attackers to obtain sensitive information via a direct request to cron/php/subscriptions.php, which reveals the installation path in an error message. This is a information disclosure issue reported in multiple sou...
CVE-2006-5138
Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message...
CVE-2006-5136
UBB.threads 6.5.1.1 contains multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php that allow remote attackers to execute arbitrary PHP code via a URL provided to GLOBALS[thispath] or GLOBALS[configdir]. Root cause is improper handling of user-supplied URLs in these globals. The CVE ...
CVE-2006-5136
Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSthispath or 2 GLOBALSconfigdir parameter...
Sql injection
SQL injection vulnerability in showflat.php in Groupee formerly known as Infopop UBB.threads 6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Number parameter...
CVE-2006-0545
SQL injection vulnerability in showflat.php in Groupee formerly known as Infopop UBB.threads 6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Number parameter...
CVE-2006-0545
The CVE-2006-0545 entry describes an SQL injection in showflat.php of UBB.threads (Groupee, formerly Infopop) version 6.3 and earlier. The vulnerability allows remote attackers to craft the Number parameter to execute arbitrary SQL commands, enabling potential data disclosure or modification. Aff...
CVE-2006-0545
SQL injection vulnerability in showflat.php in Groupee formerly known as Infopop UBB.threads 6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Number parameter...