Ubbcentral » Ubb.threads : Security Vulnerabilities, CVEs, Published In 2005 (Sql injection) CVSS score >= 2
Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.
Max CVSS
7.5
EPSS Score
0.31%
Published
2005-06-29
Updated
2016-10-18
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter.
Max CVSS
7.5
EPSS Score
0.15%
Published
2005-05-02
Updated
2016-10-18
2 vulnerabilities found