Vulnerability Details CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/2545
- http://www.securityfocus.com/archive/1/465076/100/0/threaded
- http://www.securityfocus.com/bid/23369
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33509
- http://securityreason.com/securityalert/2545
- http://www.securityfocus.com/archive/1/465076/100/0/threaded
- http://www.securityfocus.com/bid/23369
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33509
Products affected by CVE-2007-1956
-
cpe:2.3:a:ubbcentral:ubb.threads:-
-
cpe:2.3:a:ubbcentral:ubb.threads:6.0.0
-
cpe:2.3:a:ubbcentral:ubb.threads:6.0.1
-
cpe:2.3:a:ubbcentral:ubb.threads:6.0.2
-
cpe:2.3:a:ubbcentral:ubb.threads:6.0.3
-
cpe:2.3:a:ubbcentral:ubb.threads:6.1.0
-
cpe:2.3:a:ubbcentral:ubb.threads:6.1.1