CVE Vulnerabilities

CVE-2007-3963

Published: Jul 25, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193.

Affected Software

Name Vendor Start Version End Version
Usebb Usebb 1.0 1.0
Usebb Usebb 1.0.1 1.0.1
Usebb Usebb 1.0.2 1.0.2
Usebb Usebb 1.0.3 1.0.3
Usebb Usebb 1.0.4 1.0.4
Usebb Usebb 1.0.5 1.0.5
Usebb Usebb 1.0.6 1.0.6
Usebb Usebb 1.0.7 1.0.7
Usebb Usebb 1.0_rc1 1.0_rc1
Usebb Usebb 1.0_rc2 1.0_rc2
Usebb Usebb 1.0_rc3 1.0_rc3

References