Vubb: >> Vubb >> alpha_rc1 Security Vulnerabilities
Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php.
CVSS Score
7.5
EPSS Score
0.008
Published
2005-12-31
Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile.
CVSS Score
4.3
EPSS Score
0.003
Published
2005-12-31
Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-11-06
index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').
CVSS Score
5.0
EPSS Score
0.003
Published
2005-11-06