Usebb : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2020-8088

panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
Max CVSS
9.8
EPSS Score
0.66%
Published
2020-01-27
Updated
2021-07-21

CVE-2011-3611

A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.
Max CVSS
9.0
EPSS Score
2.00%
Published
2020-01-22
Updated
2020-01-29

CVE-2007-3963

Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193.
Max CVSS
9.3
EPSS Score
0.69%
Published
2007-07-25
Updated
2018-10-15
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close