SQL Injection in Ubb Systems Ubb.threads
CVE-2026-54222
UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to interact with the underlying database. Due to insufficient input sanitization, an attacker can extract sensitive informatio…
Vulnerability class: SQL Injection
Affected products
- Ubb Systems Ubb.threads — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (product)
- cvd@cert.pl (third-party-advisory)