Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
UBB.threads 6 SQL Injection
Mar 11 2005 04:58PM
kre0n mail ru
ADZ Security Team
===================
Info
Program: UBB.threads
Version: 6
Module: editpost.php
Bug type: SQL Injection
Vendor site: http://www.ubbcentral.com/ubbthreads/
===================
Bug discription
at editpost.php we can see this code:
// START
$Cat = get_input("Cat","get");
$Board = g...
[ more ]
Privacy Statement
Copyright 2009, SecurityFocus
ADZ Security Team
===================
Info
Program: UBB.threads
Version: 6
Module: editpost.php
Bug type: SQL Injection
Vendor site: http://www.ubbcentral.com/ubbthreads/
===================
Bug discription
at editpost.php we can see this code:
// START
$Cat = get_input("Cat","get");
$Board = g...
[ more ]