Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field.
References
| Link | Resource |
|---|---|
| http://marc.info/?l=bugtraq&m=100586033530341&w=2 | Mailing List |
| http://marc.info/?l=bugtraq&m=100586541317940&w=2 | Mailing List |
Configurations
Configuration 1 (hide)
|
History
16 May 2023, 11:09
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:infopop:ultimate_bulletin_board:5.09:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.05:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.38:c:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.42:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.39:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.45:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.44:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.53:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.16:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.37:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.05:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.82:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.01:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.15:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.45:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.29:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.45:c:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:-:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.42:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.06:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.38:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.19:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.05:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.5:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.51:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.0:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.86:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.06:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.45:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.47:d:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.11:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.25:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.08:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.47:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.47:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.41:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.13:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.07:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.38:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.41:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.14:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.85:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.34:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.44:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.6:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.30:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.80:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.04:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.27:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.44:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.47:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.03:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.36:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:d:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.35:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.03:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.31:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.40:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:c:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.07:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.20:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.30:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.32:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.01:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.18:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.04:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.06:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.10:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.33:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.75:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.52:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.83:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.02:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.26:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.02:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.29:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.29:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.12:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.01:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.81:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.28:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.41:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.11:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.46:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.01:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.0:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.17:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.46:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.50:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.0:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.39:-:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.10:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.38:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.39:b:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.36:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.00:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.7:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:2.05:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.34:a:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.47:c:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.02:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.39:c:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:3.75:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.02:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:5.38:d:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:4.84:*:*:*:*:*:*:* cpe:2.3:a:infopop:ultimate_bulletin_board:1.0:*:*:*:*:*:*:* |
|
| References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=100586541317940&w=2 - Mailing List | |
| References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=100586033530341&w=2 - Mailing List |
Information
Published : 2001-11-15 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2001-0897
Mitre link : CVE-2001-0897
CVE.ORG link : CVE-2001-0897
JSON object : View
Products Affected
infopop
- ultimate_bulletin_board
CWE