4.3

CVE-2006-2755

Exploit
Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UbbcentralUbb.Threads Version5.0
UbbcentralUbb.Threads Version5.5.1
UbbcentralUbb.Threads Version6.0
UbbcentralUbb.Threads Version6.0.1
UbbcentralUbb.Threads Version6.0.2
UbbcentralUbb.Threads Version6.0.3
UbbcentralUbb.Threads Version6.1
UbbcentralUbb.Threads Version6.1.1
UbbcentralUbb.Threads Version6.2
UbbcentralUbb.Threads Version6.2.1
UbbcentralUbb.Threads Version6.2.2
UbbcentralUbb.Threads Version6.2.3
UbbcentralUbb.Threads Version6.3
UbbcentralUbb.Threads Version6.3.1
UbbcentralUbb.Threads Version6.4
UbbcentralUbb.Threads Version6.4.1
UbbcentralUbb.Threads Version6.4.2
UbbcentralUbb.Threads Version6.4.3
UbbcentralUbb.Threads Version6.4.4
UbbcentralUbb.Threads Version6.5
UbbcentralUbb.Threads Version6.5.1
UbbcentralUbb.Threads Version6.5.1.1
UbbcentralUbb.Threads Version6.5.2
UbbcentralUbb.Threads Version6.5.2_beta2
UbbcentralUbb.Threads Version6.5.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.09% 0.898
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N