CVE-2006-2755

Published: Jun 2, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.

Affected (25)

Products: Ubbcentral: Ubb.threads

Ubbcentral

1 product

Ubb.threads

Configuration A

25 vulnerable

Vulnerable Software	Affected Versions
Ubbcentral Ubb.threads	Version 5.0
Ubbcentral Ubb.threads	Version 5.5.1
Ubbcentral Ubb.threads	Version 6.0.1
Ubbcentral Ubb.threads	Version 6.0.2
Ubbcentral Ubb.threads	Version 6.0.3
Ubbcentral Ubb.threads	Version 6.0
Ubbcentral Ubb.threads	Version 6.1.1
Ubbcentral Ubb.threads	Version 6.1
Ubbcentral Ubb.threads	Version 6.2.1
Ubbcentral Ubb.threads	Version 6.2.2
Ubbcentral Ubb.threads	Version 6.2.3
Ubbcentral Ubb.threads	Version 6.2
Ubbcentral Ubb.threads	Version 6.3.1
Ubbcentral Ubb.threads	Version 6.3
Ubbcentral Ubb.threads	Version 6.4.1
Ubbcentral Ubb.threads	Version 6.4.2
Ubbcentral Ubb.threads	Version 6.4.3
Ubbcentral Ubb.threads	Version 6.4.4
Ubbcentral Ubb.threads	Version 6.4
Ubbcentral Ubb.threads	Version 6.5.1.1
Ubbcentral Ubb.threads	Version 6.5.1
Ubbcentral Ubb.threads	Version 6.5.2
Ubbcentral Ubb.threads	Version 6.5.2_beta2
Ubbcentral Ubb.threads	Version 6.5.3
Ubbcentral Ubb.threads	Version 6.5