Vulnerabilities

CVE-2006-5511

by Fred · 25/10/2006

Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum parameter.

Date published : 2006-10-25

http://www.securityfocus.com/bid/20679

https://www.exploit-db.com/exploits/2616

Similar

Tags: Cybersecurity Alert