Security Advisory

CVE-2006-5511

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-10-25 22:00:00

Last updated 2024-08-07 19:55:52

Assigner mitre

State PUBLISHED

Description

Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum parameter.

← Browse all CVEs View on cve.org ↗