Vulnerabilities > Ubbcentral > UBB Threads > 3.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-23 | CVE-2012-5104 | Cross-Site Scripting vulnerability in Ubbcentral Ubb.Threads Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter. | 4.3 |
2009-08-13 | CVE-2008-6970 | SQL Injection vulnerability in Ubbcentral Ubb.Threads SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. | 7.5 |
2006-05-30 | CVE-2006-2675 | Remote Security vulnerability in UBB.threads PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters. | 5.1 |
2004-10-21 | CVE-2004-1622 | SQL Injection vulnerability in Ubbcentral Ubb.Threads 3.4/3.5 SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter. | 7.5 |