Vulnerabilities > Ubbcentral > UBB Threads > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-29 | CVE-2005-2057 | Cross-Site Scripting vulnerability in UBB.threads Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php. network ubbcentral | 6.8 |
| 2004-12-31 | CVE-2004-2510 | Cross-Site Scripting vulnerability in UBBCentral UBB.threads Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter. network ubbcentral | 4.3 |
| 2004-12-31 | CVE-2004-2509 | Cross-Site Scripting vulnerability in Ubbcentral Ubb.Threads 6.2.3/6.5 Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter. network ubbcentral | 4.3 |