Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ultimate php board ultimate php board 1.9.6 gold vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2003
Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote malicious users to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message.
Ultimate Php Board Ultimate Php Board 1.9.6 Gold
NA
CVE-2005-2030
Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows malicious users to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.
Ultimate Php Board Ultimate Php Board 1.9.6
Ultimate Php Board Ultimate Php Board 1.8
Ultimate Php Board Ultimate Php Board 1.8.2
Ultimate Php Board Ultimate Php Board 1.9
1 EDB exploit
NA
CVE-2005-2005
Ultimate PHP Board (UPB) 1.9.6 GOLD and previous versions stores the users.dat file under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information on registered users via a direct request to db/users.dat.
Ultimate Php Board Ultimate Php Board 1.9.6
Ultimate Php Board Ultimate Php Board 1.8
Ultimate Php Board Ultimate Php Board 1.8.2
Ultimate Php Board Ultimate Php Board 1.9
NA
CVE-2005-2004
Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id parameter to (4...
Ultimate Php Board Ultimate Php Board 1.9.6
Ultimate Php Board Ultimate Php Board 1.8
Ultimate Php Board Ultimate Php Board 1.8.2
Ultimate Php Board Ultimate Php Board 1.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started