Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubbcentral | Ubb.Threads | <= 6.5.1.1 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=111963737202040&w=2ExploitMailing List
- http://www.gulftech.org/?node=research&article_id=00084-06232005Broken LinkExploitPatch
- http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#PosBroken LinkPatch
- http://marc.info/?l=bugtraq&m=111963737202040&w=2ExploitMailing List
- http://www.gulftech.org/?node=research&article_id=00084-06232005Broken LinkExploitPatch
- http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#PosBroken LinkPatch
FAQ
What is CVE-2005-2059?
CVE-2005-2059 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow r...
How severe is CVE-2005-2059?
CVE-2005-2059 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2059?
Check the references section above for vendor advisories and patch information. Affected products include: Ubbcentral Ubb.Threads.