Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-5136 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[thispath] or (2) GLOBALS[configdir] parameter.
|
17-10-2018 - 21:41 | 03-10-2006 - 04:03 | |
CVE-2006-5137 | 5.1 |
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP c
|
17-10-2018 - 21:41 | 03-10-2006 - 04:03 | |
CVE-2006-5138 | 5.0 |
Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message.
|
17-10-2018 - 21:41 | 03-10-2006 - 04:03 |