Vulnerabilities > CVE-2007-3963 - Unspecified vulnerability in Usebb

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

usebb

exploit available

NVD

Published: 2007-07-25

Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193.

Vulnerable Configurations

Part	Description	Count
Application	Usebb Usebb Usebb 1.0.7 Usebb Usebb 1.0.5 Usebb Usebb 1.0_Rc3 Usebb Usebb 1.0_Rc1 Usebb Usebb 1.0.4 Usebb Usebb 1.0.6 Usebb Usebb 1.0_Rc2 Usebb Usebb 1.0.1 Usebb Usebb 1.0.2 Usebb Usebb 1.0 Usebb Usebb 1.0.3	11

Exploit-Db

description	UseBB 1.0.7 install/upgrade-0-2-3.php PHP_SELF Parameter XSS. CVE-2007-3963. Webapps exploit for php platform
id	EDB-ID:30323
last seen	2016-02-03
modified	2007-07-20
published	2007-07-20
reporter	s4mi
source	https://www.exploit-db.com/download/30323/
title	UseBB 1.0.7 install/upgrade-0-2-3.php PHP_SELF Parameter XSS

description	UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS. CVE-2007-3963. Webapps exploit for php platform
id	EDB-ID:30324
last seen	2016-02-03
modified	2007-07-20
published	2007-07-20
reporter	s4mi
source	https://www.exploit-db.com/download/30324/
title	UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References