PT-2026-50671 · Ubb Systems · Ubb.Threads

Kamil Szczurowski +1 · Published 2026-06-18 · Updated 2026-06-18 · CVE-2026-54222

CVSS v4.0: 8.6 (High)

Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

UBB.threads version 7.7.5

Description

Insufficient input sanitization in the Members section of the Control Panel allows attackers to interact with the underlying database via blind SQL injection. In this technique, the attacker sends queries that the database answers only with a boolean (true/false) result or a time delay, which enables the extraction of sensitive information such as user credentials.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2026-54222

Affected Products

Ubb.Threads