Max CVSS 5.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2005-2030 5.0
Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.
18-10-2016 - 03:24 16-06-2005 - 04:00
CVE-2005-2003 5.0
Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message.
18-10-2016 - 03:23 16-06-2005 - 04:00
CVE-2005-2005 5.0
Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users
18-10-2016 - 03:23 16-06-2005 - 04:00
CVE-2005-2004 5.0
Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id p
18-10-2016 - 03:23 17-06-2005 - 04:00
Back to Top Mark selected
Back to Top