4 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF to 1 upgrade-0-2-3.php, 2 upgrade-0-3.php, or 3 upgrade-0-4.php in install/, a different vulnerability than...
CVE-2007-3963
Multiple cross-site scripting XSS vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF to 1 upgrade-0-2-3.php, 2 upgrade-0-3.php, or 3 upgrade-0-4.php in install/, a different vulnerability than...
CVE-2007-3963
Multiple cross-site scripting XSS vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF to 1 upgrade-0-2-3.php, 2 upgrade-0-3.php, or 3 upgrade-0-4.php in install/, a different vulnerability than...
UseBB 1.0.7 - installupgrade-0-3.php?PHP_SELF Cross-Site Scripting
UseBB 1.0.7 - installupgrade-0-3.php?PHPSELF Cross-Site Scripting source: https://www.securityfocus.com/bid/24990/info UseBB is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...