CVE-2006-5511
N/A
N/A
Summary
Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29711
- http://www.securityfocus.com/bid/20679
- http://attrition.org/pipermail/vim/2006-October/001095.html
- https://www.exploit-db.com/exploits/2616
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29711
- http://www.securityfocus.com/bid/20679
- http://attrition.org/pipermail/vim/2006-October/001095.html
- https://www.exploit-db.com/exploits/2616
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.