Unrated severityNVD Advisory· Published Mar 25, 2002· Updated Apr 16, 2026

CVE-2002-0118

Description

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Affected products

Infopop/Ultimate Bulletin Board9 versions
cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:5.4.7e:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.4f:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.0beta:*:*:*:*:*:*:*
- cpe:2.3:a:infopop:ultimate_bulletin_board:6.2.0_beta_release_1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

online.securityfocus.com/archive/1/249031nvdExploitPatchVendor Advisory
www.iss.net/security_center/static/7838.phpnvdVendor Advisory
www.securityfocus.com/bid/3829nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000