UBB.threads versions 6.1.1 and below suffer from a SQL injection vulnerability.
f1cb69d6ae3577ea459edaf39c3a92a47b4a87d42d7c887046e69cab85274b52
UBB.threads SQL Injection Vulnerability
The variable 'C' in UBB.threads is susceptible to SQL injection.
Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C='
Vulnerable: UBB.threads <= 6.1.1
Google d0rk: allintitle:"Forums powered by UBB.threads"
John Martinelli
john@martinelli.com
http://john-martinelli.com
april 8th, 2007