Ubbcentral: >> Ubb.threads >> 3.4 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
CVSS Score
4.3
EPSS Score
0.063
Published
2012-09-23
SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.
CVSS Score
7.5
EPSS Score
0.019
Published
2009-08-13
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.
CVSS Score
5.1
EPSS Score
0.017
Published
2006-05-30
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2004-10-21