TUCoPS :: Web BBS :: etc :: tb10316.htm

UBB.threads (<= 6.1.1) SQL Injection Vulnerability
UBB.threads (<= 6.1.1) SQL Injection Vulnerability
UBB.threads (<= 6.1.1) SQL Injection Vulnerability



UBB.threads SQL Injection Vulnerability

The variable 'C' in UBB.threads is susceptible to SQL injection.

Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' 
Vulnerable: UBB.threads <= 6.1.1
Google d0rk: allintitle:"Forums powered by UBB.threads"

John Martinelli
john@martinelli.com 
http://john-martinelli.com 

april 8th, 2007

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH