Medium severity6.5NVD Advisory· Published Jun 29, 2005· Updated Apr 16, 2026

CVE-2005-2059

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.

Affected products

Ubbcentral/Ubb.threads
cpe:2.3:a:ubbcentral:ubb.threads:*:*:*:*:*:*:*:*
Range: <=6.5.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/nvdBroken LinkPatch
marc.infonvdExploitMailing List
www.gulftech.orgnvdBroken LinkExploitPatchVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000