Lucene search
K

196 matches found

NVD
NVD
added 2015/03/10 2:59 p.m.25 views

CVE-2015-2217

Multiple cross-site scripting XSS vulnerabilities in Ultimate PHP Board aka myUPB before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the 1 q parameter to search.php or 2 avatar parameter to profile.php...

4.3CVSS5.8AI score0.01892EPSS
Exploits3References5
Prion
Prion
added 2015/03/10 2:59 p.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ultimate PHP Board aka myUPB before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the 1 q parameter to search.php or 2 avatar parameter to profile.php...

4.3CVSS6.1AI score0.01892EPSS
Exploits3References5Affected Software1
CVE
CVE
added 2015/03/10 2:0 p.m.48 views

CVE-2015-2217

Ultimate PHP Board (UPB, also known as myUPB) is affected by multiple XSS vulnerabilities. The CVE-2015-2217 entry describes remote XSS via the q parameter in search.php or the avatar parameter in profile.php, with impact described as injection of arbitrary web script/HTML. Public sources within ...

4.3CVSS5.9AI score0.01892EPSS
Exploits3References5Affected Software1
Packet Storm
Packet Storm
added 2015/03/05 12:0 a.m.255 views

Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting

Exploit Title : Ultimate PHP Board UPB 2.2.7 Cross Site Scripting Vulnerability CVE : CVE-2015-2217 Date : 4 March 2015 Exploit Author : CWH Underground Discovered By : ZeQ3uL Site : www.2600.in.th Vendor Homepage : http://www.myupb.com Software Link :...

4.3CVSS0.3AI score0.01892EPSS
Exploits3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Ultimate PHP Board <= 2.0 (header_simple.php) File Include Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Ultimate PHP Board 1.9 admin_iplog.PHP Arbitrary PHP Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP file. As a result, it may be...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor

No description provided by source. !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6 Related advisory: http://www.securityfocus.com/archive/1/402461/30/0/threaded Discovered and Coded by Alberto Trivero Password file is located at: http://www.example.com/upb/db/users.dat /str0ke use Getopt::Std;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Ultimate PHP Board 2.2.7 Broken Authentication and Session Management

No description provided by source. Exploit Title : Ultimate PHP Board 2.2.7 Broken Authentication and Session Management Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version : 2.2.7 Tested on : apache 2.2.14 | mysql...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13971/info Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

PHP-Board 1.0 User Password Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Ultimate PHP Board 1.8/1.9 ViewForum.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13621/info Ultimate PHP Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Ultimate PHP Board 1.0/1.1 Image Tag Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4603/info Ultimate PHP Board UPB is web forum software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Ultimate PHP Board does not filter script code from image tags. This may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit

No description provided by source. ?php / Advisory: http://www.kliconsulting.com/users/mbrooks/UPBadvisory.rtf Vendors site: http://forum.myupb.com/ Download: http://fileserv.myupb.com/download.php?url=upb196GOLD.zip http://prdownloads.sourceforge.net/textmb/upb1.8.2.zip?download Download Mirror:...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.179 views

Ultimate PHP Board <= 2.0b1 (chat/login.php) Code Execution Exploit

No description provided by source. !/usr/bin/perl +------------------------------------------------------------------------------------------- + Ultimate PHP Board = 2.0b1 chat/login.php Remote Code Execution Vulnerability...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Ultimate PHP Board 1.8/1.9 ViewForum.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13622/info Ultimate PHP Board is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/01/07 12:0 a.m.1 views

Ultimate PHP Board User-Agent HTTP Header Code Execution - Ver2 (CVE-2003-0395)

A code execution vulnerability has been reported in Ultimate PHP Board. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.6AI score0.02531EPSS
Exploits0
exploitpack
exploitpack
added 2011/05/20 12:0 a.m.20 views

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management Exploit Title : Ultimate PHP Board 2.2.7 "Broken Authentication and Session Management" Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version :...

0.6AI score
Exploits0
Prion
Prion
added 2009/04/20 2:30 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ultimate PHP Board UPB 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...

4.3CVSS6.2AI score0.01499EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2009/04/20 2:30 p.m.19 views

CVE-2008-6727

Cross-site scripting XSS vulnerability in Ultimate PHP Board UPB 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...

4.3CVSS5.8AI score0.01499EPSS
Exploits1References5
CVE
CVE
added 2009/04/20 2:6 p.m.50 views

CVE-2008-6727

CVE-2008-6727 describes a cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) versions up to 2.x, specifically 2.2.2 and 2.2.1 (and earlier 2.x). The issue arises from accepting the User-Agent HTTP header without proper sanitization, enabling a remote attacker to inject arbitrary...

4.3CVSS6AI score0.01499EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder