https://www.exploit-db.com/exploits/25903
https://www.securityfocus.com/bid/89094
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200506-234

InfopopUBB.Threads6.5.2Beta试用版之前的版本存在多个SQL注入漏洞，远程攻击者可借助：(1)提交到download.php，(2)modifypost.php，(3)mailthread.php，或(4)notifymod.php的Number参数，(5)提交到calendar.php的month参数，或(6)year参数，(7)提交到viewmessage.php的message参数，(8)提交到addfav.php的main参数，或(9)提交到grabnext.php的posted参数，来执行任意SQL指令。

source: http://www.securityfocus.com/bid/14052/info
      
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
      
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

http://www.example.com/ubbt/grabnext.php?Cat=4&Board=UBB23&mode=showflat&sticky=0&dir=old&posted=1045942715[SQL]

UBBCentral UBB.threads 6.4.2

UBBCentral UBB.threads 6.4.1

UBBCentral UBB.threads 6.2.3

UBBCentral UBB.threads 6.2.2

UBBCentral UBB.threads 6.2.1

UBBCentral UBB.threads 6.

来源:MISC
链接:http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351
来源:MISC
链接:http://www.gulftech.org/?node=research&article;_id=00084-06232005
来源:BUGTRAQ
名称:20050624InfopopUBBThreadsMultipleVulnerabilities
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111963737202040&w;=2