ByteOS Network

jaxultrabb

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2008-2965

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-1.61% / 81.02%

7 Day CHG~0.00%

Published-02 Jul, 2008 | 17:00

Updated-07 Aug, 2024 | 09:21

Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.

Vendor-jaxbot n/a

Product-jaxultrabb n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2008-2966

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-1.84% / 82.22%

7 Day CHG~0.00%

Published-02 Jul, 2008 | 17:00

Updated-07 Aug, 2024 | 09:21

Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information.

Vendor-jaxultrabb n/a

Product-jaxultrabb n/a

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2006-5511

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-2.6||LOW

EPSS-3.38% / 86.90%

7 Day CHG~0.00%

Published-25 Oct, 2006 | 22:00

Updated-07 Aug, 2024 | 19:55

Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum parameter.

Vendor-jaxultrabb n/a

Product-jaxultrabb n/a