CVE-2002-0118
published 2002-03-25CVE-2002-0118: Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and…
PriorityP428high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.10%
93.4th percentile
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
| infopop | ultimate_bulletin_board | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection
exploitdb·2003-04-30
CVE-2003-0118 Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection
Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection
---
source: https://www.securityfocus.com/bid/7470/info
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.
This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.
http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--
http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnD
Exploit-DB
Microsoft BizTalk Server 2000/2002 DTA - 'RawCustomSearchField.asp' SQL Injection
exploitdb·2003-04-30
CVE-2003-0118 Microsoft BizTalk Server 2000/2002 DTA - 'RawCustomSearchField.asp' SQL Injection
Microsoft BizTalk Server 2000/2002 DTA - 'RawCustomSearchField.asp' SQL Injection
---
source: https://www.securityfocus.com/bid/7470/info
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.
This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.
http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--
http://server/biztalktracking/RawCustomSearch
Exploit-DB
Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting
exploitdb·2002-01-09
CVE-2002-0118 Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting
Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting
---
source: https://www.securityfocus.com/bid/3829/info
UBB (Ultimate Bulletin Board) is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000.
UBB is prone to cross-agent scripting attacks via the insertion of HTML tags into image links in messages. Due to insufficient input validation, it is possible to insert arbitrary script code in forum messages/replies. The malicious script code will be executed in the browser of the user viewing the message, in the context of the site running UBB.
This makes it possible for a malicious user to post a message which is capable of stealing another legitimate user's cookie-based authentication credent
No writeups or analysis indexed.
2002-03-25
Published