Vubb
Products
1- 7 CVEs
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-0962 | 0.03 | — | 0.01 | Mar 2, 2006 | SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands via the pass parameter in a cookie. | ||
| CVE-2005-3512 | 0.03 | — | 0.00 | Nov 6, 2005 | Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action. | ||
| CVE-2006-6230 | 0.00 | — | 0.01 | Dec 2, 2006 | SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a register action to index.php, a different vulnerability than CVE-2006-0962. | ||
| CVE-2006-6231 | 0.00 | — | 0.00 | Dec 2, 2006 | vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive information via a direct request to includes/vubb.php, which leaks the path in an error message. | ||
| CVE-2005-4613 | 0.00 | — | 0.00 | Dec 31, 2005 | Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile. | ||
| CVE-2005-4612 | 0.00 | — | 0.01 | Dec 31, 2005 | Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php. | ||
| CVE-2005-3513 | 0.00 | — | 0.00 | Nov 6, 2005 | index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote ('). |
- CVE-2006-0962Mar 2, 2006risk 0.03cvss —epss 0.01
SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands via the pass parameter in a cookie.
- CVE-2005-3512Nov 6, 2005risk 0.03cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action.
- CVE-2006-6230Dec 2, 2006risk 0.00cvss —epss 0.01
SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a register action to index.php, a different vulnerability than CVE-2006-0962.
- CVE-2006-6231Dec 2, 2006risk 0.00cvss —epss 0.00
vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive information via a direct request to includes/vubb.php, which leaks the path in an error message.
- CVE-2005-4613Dec 31, 2005risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile.
- CVE-2005-4612Dec 31, 2005risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php.
- CVE-2005-3513Nov 6, 2005risk 0.00cvss —epss 0.00
index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').