Lucene search
K

196 matches found

CVE
CVE
•added 2006/06/24 1:0 a.m.•45 views

CVE-2006-3205

CVE-2006-3205 affects Ultimate PHP Board (UPB) versions 1.9.6 and earlier. The issue stems from cookie-based authentication where parameters such as user_env , pass_env , power_env , and id_env can be modified to create a persistent logon that does not vary across sessions. This enables remote at...

5CVSS7.3AI score0.01351EPSS
Exploits0References3Affected Software1
CVE
CVE
•added 2006/06/24 1:0 a.m.•45 views

CVE-2006-3204

CVE-2006-3204 affects Ultimate PHP Board (UPB) up to version 1.9.6. The underlying issue is a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key when given the plaintext (password sent at login) and the cipher...

5CVSS7.1AI score0.01811EPSS
Exploits1References3Affected Software1
CVE
CVE
•added 2006/06/24 1:0 a.m.•51 views

CVE-2006-3203

The CVE-2006-3203 vulnerability affects Ultimate PHP Board (UPB) versions 1.9.6 and earlier, where a default administrator login and password exist. This root cause enables remote attackers to gain privileges (high impact) without authentication. Affected component: UPB installation process inclu...

10CVSS7.4AI score0.02684EPSS
Exploits1References3Affected Software1
CVE
CVE
•added 2006/06/24 1:0 a.m.•47 views

CVE-2006-3208

CVE-2006-3208 affects Ultimate PHP Board (UPB) up to version 1.9.6. The issue is a direct static code injection vulnerability that allows remote authenticated administrators to execute arbitrary PHP code via multiple configuration fields stored in admin_chatconfig.php, admin_configcss.php, admin_...

6.5CVSS7.8AI score0.01326EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
•added 2006/06/24 12:0 a.m.•5 views

PT-2006-4098 Ā· Upb Ā· Ultimate Php Board

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB versions 1.9.6 and earlier Description: The issue concerns a default administrator login account and password included in the installation of the software, allowing remote attackers to gain privileges. Recommendations:...

10CVSS7.1AI score0.02684EPSS
Exploits1References4
Positive Technologies
Positive Technologies
•added 2006/06/24 12:0 a.m.•5 views

PT-2006-4103 Ā· Upb Ā· Ultimate Php Board

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB versions 1.9.6 and earlier Description: The issue allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified configuration fields in admin chatconfig.php, admin configcss.php, admi...

6.5CVSS7.3AI score0.01326EPSS
Exploits1References4
Positive Technologies
Positive Technologies
•added 2006/06/24 12:0 a.m.•6 views

PT-2006-4100 Ā· Upb Ā· Ultimate Php Board

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB versions 1.9.6 and earlier Description: The issue allows remote attackers to gain access by modifying certain parameters in a cookie. These parameters, including user env, pass env, power env, and id env, can be exploit...

5CVSS6.7AI score0.01351EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2006/06/24 12:0 a.m.•4 views

PT-2006-4099 Ā· Upb Ā· Ultimate Php Board

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board UPB versions 1.9.6 and earlier Description: The issue allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext. This is achieved by obtaining the plaintext password, which is sent wh...

5CVSS6.5AI score0.01811EPSS
Exploits1References4
0day.today
0day.today
•added 2006/06/20 12:0 a.m.•150 views

Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit

Exploit for unknown platform in category web applications ================================================================ Ultimate PHP Board "; $ikey = ordsubstr$key, $i, 1; // print $i."ikey:".$ikey.""; $itext = ordsubstr$text, $i, 1; // print $i."itext:".$itext.""; $nkey = ordsubstr$key, $i+1...

7.1AI score
Exploits0
exploitpack
exploitpack
•added 2006/06/20 12:0 a.m.•19 views

Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities

Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities "; $ikey = ordsubstr$key, $i, 1; // print $i."i...

0.3AI score
Exploits0
OpenVAS
OpenVAS
•added 2006/03/26 12:0 a.m.•18 views

Ultimate PHP Board multiple XSS vulnerabilities

The remote version of Ultimate PHP Board UPB is affected by several cross-site scripting vulnerabilities. This issue is due to a failure of the application to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a...

6.7AI score
Exploits0References10
OpenVAS
OpenVAS
•added 2006/03/26 12:0 a.m.•21 views

Ultimate PHP Board 'users.dat' Information Disclosure Vulnerability

Ultimate PHP Board UPB is prone to an information disclosure vulnerability SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.03004EPSS
Exploits1References4
OpenVAS
OpenVAS
•added 2005/11/03 12:0 a.m.•31 views

Ultimate PHP Board Information Leak

The remote host is running Ultimate PHP Board UPB. There is a flaw in this version which may allow an attacker to view private message board information. OpenVAS Vulnerability Test $Id: upbinfoleak.nasl 5780 2017-03-30 07:37:12Z cfi $ Description: Ultimate PHP Board Information Leak Authors: Erik...

5CVSS6.7AI score0.01309EPSS
Exploits1References1
OpenVAS
OpenVAS
•added 2005/11/03 12:0 a.m.•14 views

Ultimate PHP Board Information Leak

The remote host is running Ultimate PHP Board UPB. There is a flaw in this version which may allow an attacker to view private message board information. SPDX-FileCopyrightText: 2004 Edgeos, Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

5CVSS6.7AI score0.01309EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
•added 2005/08/24 12:0 a.m.•37 views

Ultimate PHP Board 1.9.6 GOLD Multiple Scripts XSS (2)

The remote host is running Ultimate PHP Board UPB. The remote version of this software is affected by several cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. %NASLMINLEVEL 70300 This script was written by Josh...

5CVSS5.4AI score0.01164EPSS
Exploits1References3
Packet Storm
Packet Storm
•added 2005/08/07 12:0 a.m.•973 views

UltimatePHPBoard.txt

Ultimate PHP Board UPB Security Advisory By : Morinex e-mail : morinexatmarocmafia com date : 13-05-2k5 shoutz : w00pie.nl Target : Ultimate PHP Board UPB Vulnerable Versions: v. 1.8 until v 1.9.6 URL : http://www.myupb.com - http://www.myupb.com/forum/ Tested Localhost , Myupb.com. UPB is a...

7.4AI score
Exploits0
Cvelist
Cvelist
•added 2005/06/28 4:0 a.m.•23 views

CVE-2002-1821

Ultimate PHP Board UPB 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to 1 adminmembers.php, 2 adminconfig.php, 3 admincat.php, or 4 adminforum.php...

6.7AI score0.00667EPSS
Exploits0References2
Cvelist
Cvelist
•added 2005/06/28 4:0 a.m.•22 views

CVE-2002-1820

register.php in Ultimate PHP Board UPB 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."...

9.5AI score0.02375EPSS
Exploits0References3
CVE
CVE
•added 2005/06/28 4:0 a.m.•45 views

CVE-2002-1821

Affected software: Ultimate PHP Board (UPB) 1.0 and 1.0b. Vulnerability: Remote authenticated users can gain privileges and perform unauthorized actions by making direct requests to specific admin pages: admin_members.php, admin_config.php, admin_cat.php, and admin_forum.php. Root cause/impact: T...

4.6CVSS7.1AI score0.00667EPSS
Exploits0References2Affected Software1
CVE
CVE
•added 2005/06/28 4:0 a.m.•45 views

CVE-2002-1820

The CVE-2002-1820 entry concerns Ultimate PHP Board (UPB) versions 1.0 and 1.0b where register.php uses an administrative account named Admin (capital A) but allows a remote attacker to impersonate the administrator by registering a user named admin (lowercase a). The root cause is inconsistent c...

9.8CVSS7.1AI score0.02375EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder