Ubbcentral: >> Ubb.threads >> 6.0.2 Security Vulnerabilities
Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-06-29
Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-06-29
Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter.
CVSS Score
4.3
EPSS Score
0.029
Published
2004-12-31
Page 2