ID CVE-2002-2322 Type cve Reporter NVD Modified 2008-09-05T16:32:55
Description
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2322", "history": [], "references": ["http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html", "http://www.iss.net/security_center/static/10300.php", "http://www.securityfocus.com/bid/5858"], "lastseen": "2016-09-03T03:51:28", "bulletinFamily": "NVD", "title": "CVE-2002-2322", "cpe": ["cpe:/a:ultimate_php_board:ultimate_php_board:1.0_beta"], "viewCount": 0, "id": "CVE-2002-2322", "hash": "6169a41a940f424f2840b49ee3ff83b11a6c7929a094624ea630ccef52df8fe9", "description": "Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2002-2322"], "scanner": [], "modified": "2008-09-05T16:32:55", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2002-12-31T00:00:00", "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2016-09-03T03:51:28"}, "vulnersScore": 5.0}}
