Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubbcentral ubb.threads vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2568
PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 up to and including 6.5.2 and 6.5.1.1 (trial) allows remote malicious users to execute arbitrary PHP code via a URL in the thispath parameter.
Ubbcentral Ubb.threads 6.5
Ubbcentral Ubb.threads 6.5.1
Ubbcentral Ubb.threads 6.4.4
Ubbcentral Ubb.threads 6.4.3
Ubbcentral Ubb.threads 6.4.2
Ubbcentral Ubb.threads 6.4.1
Ubbcentral Ubb.threads 6.5.1.1
Ubbcentral Ubb.threads 6.5.2
Ubbcentral Ubb.threads 6.4
1 EDB exploit
NA
CVE-2006-1423
SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and previous versions, allows remote malicious users to execute arbitrary SQL commands via the Number parameter.
Ubbcentral Ubb.threads 5.5.1
Ubbcentral Ubb.threads 6.0.1
Ubbcentral Ubb.threads 6.0
Ubbcentral Ubb.threads 6.0.2
NA
CVE-2004-2509
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.5
Ubbcentral Ubb.threads 6.2.3
3 EDB exploits
NA
CVE-2004-1622
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote malicious users to execute arbitrary SQL statements via the Name parameter.
Ubbcentral Ubb.threads 3.5
Ubbcentral Ubb.threads 3.4
1 EDB exploit
6.5
CVSSv3
CVE-2005-2059
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads prior to 6.5.2 Beta allow remote malicious users to modify settings as another user via a link or IMG tag...
Ubbcentral Ubb.threads
NA
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the C parameter.
Ubbcentral Ubb.threads
1 EDB exploit
NA
CVE-2006-5136
Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) GLOBALS[thispath] or (2) GLOBALS[configdir] parameter.
Ubbcentral Ubb.threads 6.5.1.1
NA
CVE-2005-0726
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote malicious users to execute arbitrary SQL commands via the Number parameter.
Ubbcentral Ubb.threads 6.0
NA
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote malicious users to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array...
Ubbcentral Ubb.threads 6.5.1.1
1 EDB exploit
NA
CVE-2006-5138
Groupee UBB.threads 6.5.1.1 allows remote malicious users to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message.
Ubbcentral Ubb.threads 6.5.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »