Vulnerabilities > Usebb > Usebb > 0.6

DATE CVE VULNERABILITY TITLE RISK
2020-01-22 CVE-2011-3612 Cross-Site Request Forgery (CSRF) vulnerability in Usebb
Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12.
network
usebb CWE-352
6.8
6.8
2020-01-22 CVE-2011-3611 Improper Input Validation vulnerability in Usebb
A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.
network
low complexity
usebb CWE-20
critical
 9.0
9.0
2010-10-28 CVE-2010-3713 Permissions, Privileges, and Access Controls vulnerability in Usebb
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed.
network
usebb CWE-264
4.3
4.3
2005-12-13 CVE-2005-4193 Cross-Site Scripting vulnerability in UseBB PHP_SELF
Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows remote attackers to inject arbitrary web script or HTML via the $_SERVER['PHP_SELF'] variable.
network
usebb
4.3
4.3