Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:UBB.threads dosearch.php SQL injection

The remote host is running UBB.threads, a bulletin board system
written in PHP.

There is a SQL injection issue in the remote version of this software which
may allow an attacker to execute arbitrary SQL statements on the remote host
and to potentially overwrite arbitrary files on the remote system, by
sending a malformed value to the 'Name' argument of the file 'dosearch.php'.

Solution : Upgrade to the latest version of this software
Risk factor : High

CVSS Score:

Cross-Ref: BugTraq ID: 11502
Common Vulnerability Exposure (CVE) ID: CVE-2004-1622
Bugtraq: 20041021 SQL Injection in UBB.threads 3.4.x (Google Search)
XForce ISS Database: ubbthreads-sql-injection(17821)
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.