VYPR

Ubb.threads

by Ubbcentral

CVEs (24)

  • CVE-2005-2060Jun 29, 2005
    risk 0.00cvss epss 0.01

    Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter.

  • CVE-2005-2061Jun 29, 2005
    risk 0.00cvss epss 0.01

    Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte.

  • CVE-2005-2057Jun 29, 2005
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number,…

  • CVE-2005-0726May 2, 2005
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter.

Page 2 of 2