UBBCentral UBB.Threads 5.5.16.x - modifypost.php?Number SQL Injection

UBBCentral UBB.Threads 5.5.16.x - modifypost.php?Number SQL Injection source: https://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A...

UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php?Cat' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...

UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force

!/usr/bin/perl use LWP::UserAgent; UBB.Threads 6.2. - 6.3. exploit with one char brute technique by 1dt.w0lf // r57 $path = $ARGV0; $username = $ARGV1; $snum = 1; $n=0; $|++; if @ARGV 2 print "Please wait...\r\n"; print ""; while1 &found0,122; 0 if $char=="0" print "\r\n\r\n";...

CVE-2004-1622

SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter...