CVE-2005-2061

Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte.

Published: Jun 29, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2061
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ubbcentral / ubb.threads	6.5	6.5.x
ubbcentral / ubb.threads	6.5.1	6.5.1.x
ubbcentral / ubb.threads	6.1	6.1.x
ubbcentral / ubb.threads	6.2.1	6.2.1.x
ubbcentral / ubb.threads	6.0.1	6.0.1.x
ubbcentral / ubb.threads	6.4.4	6.4.4.x
ubbcentral / ubb.threads	6.4.3	6.4.3.x
ubbcentral / ubb.threads	6.4.2	6.4.2.x
ubbcentral / ubb.threads	6.4.1	6.4.1.x
ubbcentral / ubb.threads	6.2.2	6.2.2.x
ubbcentral / ubb.threads	6.2	6.2.x
ubbcentral / ubb.threads	6.5.1.1	6.5.1.1.x
ubbcentral / ubb.threads	6.0.3	6.0.3.x
ubbcentral / ubb.threads	6.1.1	6.1.1.x
ubbcentral / ubb.threads	6.4	6.4.x
ubbcentral / ubb.threads	6.3.1	6.3.1.x
ubbcentral / ubb.threads	6.0.2	6.0.2.x
ubbcentral / ubb.threads	6.3	6.3.x
ubbcentral / ubb.threads	6.2.3	6.2.3.x
ubbcentral / ubb.threads	6.0	6.0.x

Vulnerability Database

289,697

CVE-2005-2061