{"api_version":"1","generated_at":"2026-06-20T10:28:23+00:00","cve":"CVE-2005-2059","urls":{"html":"https://cve.report/CVE-2005-2059","api":"https://cve.report/api/cve/CVE-2005-2059.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-2059","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-2059"},"summary":{"title":"CVE-2005-2059","description":"Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-06-29 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["CWE-352","n/a"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.gulftech.org/?node=research&article_id=00084-06232005","name":"http://www.gulftech.org/?node=research&article_id=00084-06232005","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit","Patch","Vendor Advisory"],"title":"Contact Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=111963737202040&w=2","name":"http://marc.info/?l=bugtraq&m=111963737202040&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List"],"title":"'Infopop UBB Threads Multiple Vulnerabilities' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351","name":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch"],"title":"PHP forum software since 1997 - UBB.threads","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-2059","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2059","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"2059","vulnerable":"1","versionEndIncluding":"6.5.1.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ubbcentral","cpe5":"ubb.threads","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T22:15:37.336Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.gulftech.org/?node=research&article_id=00084-06232005"},{"name":"20050624 Infopop UBB Threads Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=111963737202040&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-06-24T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351"},{"tags":["x_refsource_MISC"],"url":"http://www.gulftech.org/?node=research&article_id=00084-06232005"},{"name":"20050624 Infopop UBB Threads Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=111963737202040&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-2059","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351","refsource":"MISC","url":"http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351"},{"name":"http://www.gulftech.org/?node=research&article_id=00084-06232005","refsource":"MISC","url":"http://www.gulftech.org/?node=research&article_id=00084-06232005"},{"name":"20050624 Infopop UBB Threads Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=111963737202040&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-2059","datePublished":"2005-06-28T04:00:00.000Z","dateReserved":"2005-06-29T00:00:00.000Z","dateUpdated":"2024-08-07T22:15:37.336Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-06-29 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["CWE-352","n/a"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ubbcentral:ubb.threads:*:*:*:*:*:*:*:*","versionEndIncluding":"6.5.1.1","matchCriteriaId":"B3A4DDC9-01E4-462A-A95F-774B4E31B37C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"2059","Ordinal":"1","Title":"CVE-2005-2059","CVE":"CVE-2005-2059","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"2059","Ordinal":"1","NoteData":"Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.","Type":"Description","Title":"CVE-2005-2059"},{"CveYear":"2005","CveId":"2059","Ordinal":"2","NoteData":"2005-06-28","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"2059","Ordinal":"3","NoteData":"2016-10-17","Type":"Other","Title":"Modified"}]}}}