Published: 29/06/2005 Updated: 18/10/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 790

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Infopop UBB.Threads prior to 6.5.2 Beta allow remote malicious users to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ubbcentral ubb.threads 6.0.1
ubbcentral ubb.threads 6.0.2
ubbcentral ubb.threads 6.2.3
ubbcentral ubb.threads 6.3
ubbcentral ubb.threads 6.3.1
ubbcentral ubb.threads 6.5.1
ubbcentral ubb.threads 6.5.1.1
ubbcentral ubb.threads 6.1.1
ubbcentral ubb.threads 6.2
ubbcentral ubb.threads 6.4.2
ubbcentral ubb.threads 6.4.3
ubbcentral ubb.threads 6.0
ubbcentral ubb.threads 6.2.1
ubbcentral ubb.threads 6.2.2
ubbcentral ubb.threads 6.4.4
ubbcentral ubb.threads 6.5
ubbcentral ubb.threads 6.0.3
ubbcentral ubb.threads 6.1
ubbcentral ubb.threads 6.4
ubbcentral ubb.threads 6.4.1

source: wwwsecurityfocuscom/bid/14052/info UBBThreads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerab ...

<?php ############################################################################# # T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m ############################################################################# # Vulnerable: UBBCentral SQL Injection # # Exploit By : MH_p0rtal # # Discovered By: James Bercegay ######### ...

NVD-CWE-Other http://www.gulftech.org/?node=research&article_id=00084-06232005 http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351 http://marc.info/?l=bugtraq&m=111963737202040&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/25903/

Get Started

CVE-2005-2058

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect