Vulnerabilities > CVE-2005-1199 - SQL Injection vulnerability in Infopop Ultimate Bulletin Board 6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | UBBCentral 6.0 UBB.threads Printthread.PHP SQL Injection Vulnerability. CVE-2005-1199 . Webapps exploit for php platform |
id | EDB-ID:25457 |
last seen | 2016-02-03 |
modified | 2005-03-11 |
published | 2005-03-11 |
reporter | HLL |
source | https://www.exploit-db.com/download/25457/ |
title | UBBCentral 6.0 UBB.threads Printthread.PHP SQL Injection Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | UBBTHREADS_PRINTTHREAD_SQL_INJECTION.NASL |
description | The remote host is running a version of UBB.threads that suffers from multiple vulnerabilities due to insufficient input validation - local file inclusion, HTTP response splitting, SQL injection, and cross-site scripting. These flaws may allow an attacker to completely compromise the affected installation of UBB.threads. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18098 |
published | 2005-04-20 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18098 |
title | UBB.threads < 6.5.2 beta Multiple Vulnerabilities |