Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and previous versions allows remote malicious users to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ultimate php board ultimate php board |