Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

UBB.threads < editpost.php SQL Injection



The remote host is vulnerable to a SQL injection attack.


The remote host is running a version of UBB.threads that fails to sufficiently sanitize the 'Number' parameter before using it in SQL queries in the editpost.php script. As a result, a remote attacker can pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.


Upgrade to UBB.threads version or higher.