CVE-2005-2061

Name of the Vulnerable Software and Affected Versions: UBB.Threads versions prior to 6.5.2 Beta

Description: The issue allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. This can be exploited by sending a crafted cookie with the vulnerable language parameter.

Recommendations: For versions prior to 6.5.2 Beta, update to version 6.5.2 Beta or later to resolve the issue. As a temporary workaround, consider restricting access to the language parameter in cookies to minimize the risk of exploitation.