Ubbcentral Ubb.threads — known CVE vulnerabilities
Every CVE whose affected-product data names Ubbcentral Ubb.threads, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2006-0545 — CVSS 7.5 (high): SQL injection vulnerability in showflat.php in Groupee (formerly known as Infopop) UBB.threads 6.3 and earlier allows remote attackers to…
CVE-2004-1622 — CVSS 7.5 (high): SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name…
CVE-2006-5136 — CVSS 7.5 (high): Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute…
CVE-2005-0726 — CVSS 7.5 (high): SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number…
CVE-2008-6970 — CVSS 7.5 (high): SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands…
CVE-2007-1956 — CVSS 7.5 (high): SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL…
CVE-2005-2058 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands…
CVE-2005-2057 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web…
CVE-2005-2059 — CVSS 6.5 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4)…
CVE-2006-2568 — CVSS 5.1 (medium): PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 (trial) allows remote attackers…
CVE-2006-5137 — CVSS 5.1 (medium): Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to (1) inject PHP code via a…
CVE-2006-2675 — CVSS 5.1 (medium): PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via…
CVE-2006-1423 — CVSS 5.0 (medium): SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute…
CVE-2005-2060 — CVSS 5.0 (medium): Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads…
CVE-2005-2061 — CVSS 5.0 (medium): Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by…
CVE-2006-5138 — CVSS 5.0 (medium): Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php…
CVE-2012-5104 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject…
CVE-2004-2510 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web…
CVE-2004-2509 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5…
CVE-2006-2755 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script…