ultrascripts ultraboard 1.6 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations,...

CVE-2000-0332

UltraBoard 1.6 is affected by a path traversal in UltraBoard.pl/UltraBoard.cgi that allows remote attackers to read arbitrary files by supplying a pathname containing .. followed by a null byte. The vulnerability is described as arbitrary file access via this traversal vector; no exploitation det...

CVE-2000-0426

CVE-2000-0426 affects UltraBoard 1.6 and other versions. The vulnerability arises when a remote attacker uses UltraBoard in the Session parameter, causing UltraBoard to fork copies of itself and trigger a denial of service. The description notes the root cause as improper handling of a Session va...

UltraBoard 1.6 - Denial of Service

UltraBoard 1.6 - Denial of Service source: https://www.securityfocus.com/bid/1175/info UltraBoard 1.6 and possibly all 1.x versions and the new beta Ultraboard 2000 are vulnerable to this Denial of Service attack. A remote user is able to expend all of the available resources of the webserver by...