167 matches found
UBB.threads < 6.5.1.1 editpost.php SQL Injection
Binary data 2699.prm...
CVE-2005-0726
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter...
CVE-2005-0726
The CVE-2005-0726 entry concerns UBB.threads 6.0, where the editpost.php script is vulnerable to SQL injection via the Number parameter. The root cause is insufficient sanitization in editpost.php, allowing a remote attacker to execute arbitrary SQL commands. Impact includes potential data exposu...
UBB.threads editpost.php Number Parameter SQL Injection
According to its banner, the remote host is running a version of UBB.threads that fails to sufficiently sanitize the 'Number' parameter before using it in SQL queries in the 'editpost.php' script. As a result, a remote attacker can pass malicious input to database queries, potentially resulting i...
UBB.threads Detection
The remote host is running UBB.threads, a web-based message board software system written in PHP. %NASLMINLEVEL 70300 C Tenable Network Security include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid17315; scriptversion"1.14";...
UBBCentral UBB.Threads 6.0 - editpost.php SQL Injection
UBBCentral UBB.Threads 6.0 - editpost.php SQL Injection source: https://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported pro...
UBBCentral UBB.Threads 6.0 - 'editpost.php' SQL Injection
source: https://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported prone to this issue. It is likely that other versions are...
CVE-2004-1622
UBB.threads 3.4.x is affected by a SQL injection in dosearch.php triggered via the Name parameter. The vulnerability allows remote attackers to execute arbitrary SQL statements on the back-end database. The CVE entry identifies the affected component as dosearch.php within UBB.threads and notes t...
CVE-2004-1622
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter...
CVE-2004-2509
Cross-site scripting XSS vulnerabilities in 1 calendar.php, 2 login.php, and 3 online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2004-2510
Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...
UBBCentral UBB.Threads 6.2.36.5 - calendar.php?Cat Cross-Site Scripting
UBBCentral UBB.Threads 6.2.36.5 - calendar.php?Cat Cross-Site Scripting source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize...
UBBCentral UBB.Threads 6.2.36.5 - online.php?Cat Cross-Site Scripting
UBBCentral UBB.Threads 6.2.36.5 - online.php?Cat Cross-Site Scripting source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize...
UBBCentral UBB.Threads 6.2.36.5 - login.php?Cat Cross-Site Scripting
UBBCentral UBB.Threads 6.2.36.5 - login.php?Cat Cross-Site Scripting source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize...
UBB.threads < 6.5.1 Multiple XSS
There are various cross-site scripting issues in the remote version of this software. An attacker may exploit them to use the remote website to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected website. %NASLMINLEVEL 70300 C...
UBBCentral UBB.Threads 6.2.3/6.5 - 'showflat.php?Cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...
UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php?Cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...
UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php?Cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...
UBBCentral UBB.Threads 6.2.x 6.3x - One Char Brute Force
UBBCentral UBB.Threads 6.2.x 6.3x - One Char Brute Force !/usr/bin/perl use LWP::UserAgent; UBB.Threads 6.2. - 6.3. exploit with one char brute technique by 1dt.w0lf // r57 $path = $ARGV0; $username = $ARGV1; $snum = 1; $n=0; $|++; if @ARGV 2 print "Please wait...\r\n"; print ""; while1...
UBB.threads 6.2.*-6.3.* one char bruteforce exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; UBB.Threads 6.2. - 6.3. exploit with one char brute technique by 1dt.w0lf // r57 $path = $ARGV0; $username = $ARGV1; $snum = 1; $n=0; $|++; if @ARGV 2 print "Please wait...\r\n"; print ""; while1 &found0,122; 0 &1077...