3 matches found
CVE-2001-0135
CVE-2001-0135 affects Ultraboard 2000, version 2.11. The default install creates Skins, Database, and Backups directories with world-writable permissions, enabling a local user to modify sensitive information or potentially insert and execute CGI programs. The connected OpenVAS/Nessus entries ref...
CVE-2000-0332
UltraBoard 1.6 is affected by a path traversal in UltraBoard.pl/UltraBoard.cgi that allows remote attackers to read arbitrary files by supplying a pathname containing .. followed by a null byte. The vulnerability is described as arbitrary file access via this traversal vector; no exploitation det...
CVE-2000-0426
CVE-2000-0426 affects UltraBoard 1.6 and other versions. The vulnerability arises when a remote attacker uses UltraBoard in the Session parameter, causing UltraBoard to fork copies of itself and trigger a denial of service. The description notes the root cause as improper handling of a Session va...