Lucene search
+L

4 matches found

nvd
nvd
added 2026/06/18 2:17 p.m.15 views

CVE-2026-54223

UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server that application has privileges to, what results in Remote Code Execution. Because vendor contact attempts were unsuccessful, the vulnerability...

8.6CVSS0.00628EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/18 12:56 p.m.7 views

CVE-2026-54224

UBB.threads is vulnerable to Denial of Service DoS. By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users. Because vend...

7.1CVSS5.3AI score0.00293EPSS
Exploits0References3
cve
cve
added 2026/06/18 12:56 p.m.21 views

CVE-2026-54220

CVE-2026-54220 : uBB.threads is vulnerable to a Cross-Site Request Forgery (CSRF) due to a lack of protective mechanisms, confirmed in version 7.7.5 and possibly earlier. The flaw allows an attacker to trick an authenticated user into performing unintended actions. The CVSS metrics indicate high ...

8.6CVSS5.2AI score0.00187EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/18 12:56 p.m.19 views

CVE-2026-54220 Cross-Site Request Forgery in UBB.threads

uBB.threads is vulnerable to a Cross-Site Request Forgery CSRF due to a lack of protective mechanisms. This allows an attacker to trick an authenticated user into executing unintended actions. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version...

8.6CVSS0.00187EPSS
Exploits0References2
Rows per page
Query Builder