SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a register action to index.php, a different vulnerability than CVE-2006-0962.
CVSS Score
7.5
EPSS Score
0.006
Published
2006-12-02
vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive information via a direct request to includes/vubb.php, which leaks the path in an error message.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-12-02
SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands via the pass parameter in a cookie.
CVSS Score
7.5
EPSS Score
0.008
Published
2006-03-02