CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1820

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1060%
EPSS Percentile8.63th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."

Affected Platforms (CPE)

πŸ“¦
Ultimate Php Board Project

Ultimate Php Board

= 1.0
πŸ“¦
Ultimate Php Board Project

Ultimate Php Board

= 1.0

References & Advisories

πŸ”— http://www.iss.net/security_center/static/9972.php
πŸ”— http://www.securityfocus.com/archive/1/289417
πŸ”— http://www.securityfocus.com/bid/5580
πŸ”— http://www.iss.net/security_center/static/9972.php
πŸ”— http://www.securityfocus.com/archive/1/289417
πŸ”— http://www.securityfocus.com/bid/5580

Related Vulnerabilities

CVE-2006-320310.0

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which ...

CVE-2005-16157.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder pa...

CVE-2003-03957.5

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP r...

CVE-2005-16167.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid...