CVE-2008-6970

EUVD-2008-6929
SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
ubbcentralubb.threads
𝑥
≤ 7.3.1
ubbcentralubb.threads
3.4
ubbcentralubb.threads
3.5
ubbcentralubb.threads
5.0
ubbcentralubb.threads
5.5.1
ubbcentralubb.threads
6.0
ubbcentralubb.threads
6.0.1
ubbcentralubb.threads
6.0.2
ubbcentralubb.threads
6.0.3
ubbcentralubb.threads
6.1
ubbcentralubb.threads
6.1.1
ubbcentralubb.threads
6.2
ubbcentralubb.threads
6.2.1
ubbcentralubb.threads
6.2.2
ubbcentralubb.threads
6.2.3
ubbcentralubb.threads
6.3
ubbcentralubb.threads
6.3.1
ubbcentralubb.threads
6.4
ubbcentralubb.threads
6.4.1
ubbcentralubb.threads
6.4.2
ubbcentralubb.threads
6.4.3
ubbcentralubb.threads
6.4.4
ubbcentralubb.threads
6.5
ubbcentralubb.threads
6.5.1
ubbcentralubb.threads
6.5.1.1
ubbcentralubb.threads
6.5.2
ubbcentralubb.threads
6.5.2_beta2:_beta2
ubbcentralubb.threads
6.5.3
ubbcentralubb.threads
7.0
ubbcentralubb.threads
7.1
ubbcentralubb.threads
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/47954
http://secunia.com/advisories/31804
http://www.gulftech.org/?node=research&article_id=00130-09082008
http://www.securityfocus.com/bid/31074
http://www.ubbcentral.com/forums/ubbthreads.php/topics/216722/
https://exchange.xforce.ibmcloud.com/vulnerabilities/44976
http://osvdb.org/47954
http://secunia.com/advisories/31804
http://www.gulftech.org/?node=research&article_id=00130-09082008
http://www.securityfocus.com/bid/31074
http://www.ubbcentral.com/forums/ubbthreads.php/topics/216722/
https://exchange.xforce.ibmcloud.com/vulnerabilities/44976