← Back

CVE-2007-3963

nvd nist
Published: Jul 25, 2007Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193.

Affected (11)

Products: Usebb: Usebb
Usebb
1 product
Usebb
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Usebb
Usebb
Version 1.0.1
Usebb
Version 1.0.2
Usebb
Version 1.0.3
Usebb
Version 1.0.4
Usebb
Version 1.0.5
Usebb
Version 1.0.6
Usebb
Version 1.0.7
Usebb
Version 1.0
Usebb
Version 1.0_rc1
Usebb
Version 1.0_rc2
Usebb
Version 1.0_rc3

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.