Usebb : Security Vulnerabilities, CVEs, Published In 2007
Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193.
Max CVSS
9.3
EPSS Score
0.69%
Published
2007-07-25
Updated
2018-10-15
UseBB before 1.0.6 allows remote attackers to obtain sensitive information via a request with unspecified GET or POST parameters to an unspecified script, which reveals the path in an error message.
Max CVSS
5.0
EPSS Score
0.22%
Published
2007-04-18
Updated
2008-09-05
2 vulnerabilities found