Unrated severityNVD Advisory· Published Sep 23, 2012· Updated Apr 29, 2026
CVE-2012-5104
CVE-2012-5104
Description
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
Affected products
42cpe:2.3:a:ubbcentral:ubb.threads:*:*:*:*:*:*:*:*+ 41 more
- cpe:2.3:a:ubbcentral:ubb.threads:*:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.2_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:7.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- packetstormsecurity.org/files/108353/ubbforum-xss.txtnvdExploit
- st2tea.blogspot.com/2012/01/ubb-forum756-cross-site-scripting.htmlnvdExploit
- www.securityfocus.com/bid/51275nvdExploit
- secunia.com/advisories/47452nvdVendor Advisory
- www.osvdb.org/78192nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/72147nvd
News mentions
0No linked articles in our index yet.