UBBCentral UBB.Threads 5.5.1/6.x - 'download.php?Number' SQL Injection
| EKU-ID: 31232 | CVE: CVE-2005-2058;OSVDB-17525;BID: 14052;GTSA-00077 | OSVDB-ID: |
| Author: GulfTech Security | Published: 2005-06-24 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31232 | CVE: CVE-2005-2058;OSVDB-17525;BID: 14052;GTSA-00077 | OSVDB-ID: |
| Author: GulfTech Security | Published: 2005-06-24 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. http://www.example.com/ubbt/download.php?Number=42227[SQL]