Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads prior to 6.5.2 Beta allow remote malicious users to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ubbcentral ubb.threads 6.1.1 |
||
ubbcentral ubb.threads 6.2 |
||
ubbcentral ubb.threads 6.0 |
||
ubbcentral ubb.threads 6.2.1 |
||
ubbcentral ubb.threads 6.2.2 |
||
ubbcentral ubb.threads 6.4.3 |
||
ubbcentral ubb.threads 6.4.4 |
||
ubbcentral ubb.threads 6.5 |
||
ubbcentral ubb.threads 6.0.3 |
||
ubbcentral ubb.threads 6.1 |
||
ubbcentral ubb.threads 6.3.1 |
||
ubbcentral ubb.threads 6.4 |
||
ubbcentral ubb.threads 6.0.1 |
||
ubbcentral ubb.threads 6.0.2 |
||
ubbcentral ubb.threads 6.2.3 |
||
ubbcentral ubb.threads 6.3 |
||
ubbcentral ubb.threads 6.5.1 |
||
ubbcentral ubb.threads 6.5.1.1 |
||
ubbcentral ubb.threads 6.4.1 |
||
ubbcentral ubb.threads 6.4.2 |