Lucene search
+L

33 matches found

Cvelist
Cvelist
added 2005/06/21 4:0 a.m.25 views

CVE-2005-2030

Ultimate PHP Board UPB 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat...

6.6AI score0.03004EPSS
Exploits1References2
CVE
CVE
added 2005/06/20 4:0 a.m.52 views

CVE-2005-2003

CVE-2005-2003 affects Ultimate PHP Board (UPB) 1.9.6 GOLD. The vulnerability lets remote attackers obtain sensitive information by supplying an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, with the resulting error message revealing the path on the server.

5CVSS6.7AI score0.01212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/06/20 4:0 a.m.49 views

CVE-2005-2005

CVE-2005-2005 affects Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier. The vulnerability arises because UPB stores the users.dat file under the web document root with insufficient access control, allowing remote attackers to directly request db/users.dat and obtain sensitive user information. Rel...

5CVSS6.3AI score0.01212EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2005/06/18 12:0 a.m.32 views

UPBdecrypt.pl.txt

!/usr/bin/perl Passwords Decrypter for UPB $optf" || die "- Unable to open $optf: $!"; print RESULTS "Results for $opth\n","="x40,"\n\n"; for$in=0;$in/ && print RESULTS "Username: $1\n"; $page$in=m/^$1.?/ && print RESULTS "Crypted P...

7.4AI score
Exploits0
NVD
NVD
added 2005/06/16 4:0 a.m.13 views

CVE-2005-2003

Ultimate PHP Board UPB 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid zero id parameter to 1 viewtopic.php, 2 profile.php, or 3 newpost.php, which reveals the path in an error message...

5CVSS6.3AI score0.01212EPSS
Exploits0References2
exploitpack
exploitpack
added 2005/06/16 12:0 a.m.11 views

Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor

Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor !/usr/bin/perl Passwords Decrypter for UPB $optf" || die "- Unable to open $optf: $!"; print RESULTS "Results for $opth\n","="x40,"\n\n"; for$in=0;$in/ && print RESULTS "Username: $1\n"; $page$in=m/...

0.3AI score
Exploits0
CVE
CVE
added 2005/05/16 4:0 a.m.55 views

CVE-2005-1616

CVE-2005-1616 concerns Ultimate PHP Board (UPB). The connected docs show that UPB versions up to 1.9.6 (i.e.,

7.5CVSS6.6AI score0.01368EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2005/05/16 4:0 a.m.61 views

CVE-2005-1615

Ultimate PHP Board (UPB) versions 1.8 through 1.9.6 are affected by a vulnerability in viewforum.php where the postorder parameter is not properly handled by textdb.inc.php, potentially allowing remote attackers to read sensitive data via a SQL injection-like flaw. Multiple sources (CVE records a...

7.5CVSS7.4AI score0.02061EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/05/16 4:0 a.m.50 views

CVE-2005-1614

Vulnerability overview (CVE-2005-1614) : The UPB (Ultimate PHP Board) versions 1.8 through 1.9.6 are affected by a cross-site scripting (XSS) flaw in the viewforum.php script, exploitable via the postorder parameter. This can allow remote attackers to inject arbitrary script/HTML. The NVD reports...

6.8CVSS5.8AI score0.03653EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2005/05/16 4:0 a.m.21 views

CVE-2005-1615

viewforum.php in Ultimate PHP Board UPB 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability...

7.4AI score0.02061EPSS
Exploits0References2
CVE
CVE
added 2003/06/10 4:0 a.m.55 views

CVE-2003-0395

CVE-2003-0395 affects Ultimate PHP Board (UPB) 1.9. A remote attacker can execute arbitrary PHP code with UPB administrator privileges by sending PHP commands in the HTTP User-Agent header; code is executed when the administrator processes admin_iplog.php. The issue is caused by unsafely handling...

7.5CVSS7.5AI score0.02531EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2003/05/26 12:0 a.m.43 views

UPB: Discussion Board/Web-Site Takeover

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: UPB: Discussion Board/Web-Site Takeover product: Ultimate PHP Board v1.9 latest vendor: www.myupb.com risk: high date: 05/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/024.en.txt...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.98 views

Multiple Web Security Holes

I sent this three times to webappsec but without resultats. I try so on bugtraq, although that is less appropriate. ----------------------------------------------------- Five products in PHP are vulnerable to various holes. 1 TightAuction Website : http://www.tightprices.com Tested Version : 3.0...

7AI score
Exploits0
Rows per page
Query Builder