Vulnerabilities > CVE-2004-2509 - Unspecified vulnerability in Ubbcentral Ubb.Threads 6.2.3/6.5

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
ubbcentral
nessus
exploit available

Summary

Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter.

Vulnerable Configurations

Part Description Count
Application
Ubbcentral
2

Exploit-Db

  • descriptionUBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS. CVE-2004-2509. Webapps exploit for php platform
    idEDB-ID:24827
    last seen2016-02-03
    modified2004-12-13
    published2004-12-13
    reporterdw. and ms.
    sourcehttps://www.exploit-db.com/download/24827/
    titleUBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
  • descriptionUBBCentral UBB.threads 6.2.3/6.5 calendar.php Cat Parameter XSS. CVE-2004-2509. Webapps exploit for php platform
    idEDB-ID:24825
    last seen2016-02-03
    modified2004-12-13
    published2004-12-13
    reporterdw. and ms.
    sourcehttps://www.exploit-db.com/download/24825/
    titleUBBCentral UBB.threads 6.2.3/6.5 calendar.php Cat Parameter XSS
  • descriptionUBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS. CVE-2004-2509. Webapps exploit for php platform
    idEDB-ID:24826
    last seen2016-02-03
    modified2004-12-13
    published2004-12-13
    reporterdw. and ms.
    sourcehttps://www.exploit-db.com/download/24826/
    titleUBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS

Nessus

NASL familyCGI abuses : XSS
NASL idUBBTHREADS_XSS.NASL
descriptionThere are various cross-site scripting issues in the remote version of this software. An attacker may exploit them to use the remote website to inject arbitrary HTML and script code into a user
last seen2020-06-01
modified2020-06-02
plugin id15951
published2004-12-13
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15951
titleUBB.threads < 6.5.1 Multiple XSS