CyberSec.Space Logo
Back to CVE Browser

CVE-2006-3203

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile13.80th
PublishedJun 24, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

πŸ“¦
Ultimate Php Board

Ultimate Php Board

= 1.8
πŸ“¦
Ultimate Php Board

Ultimate Php Board

= 1.8.2
πŸ“¦
Ultimate Php Board

Ultimate Php Board

= 1.9
πŸ“¦
Ultimate Php Board

Ultimate Php Board

= 1.9.6

References & Advisories

πŸ”— http://securityreason.com/securityalert/1138
πŸ”— http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt
πŸ”— http://www.securityfocus.com/archive/1/437875/100/0/threaded
πŸ”— http://securityreason.com/securityalert/1138
πŸ”— http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt
πŸ”— http://www.securityfocus.com/archive/1/437875/100/0/threaded

Related Vulnerabilities

CVE-2002-18209.8

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote...

CVE-2005-16157.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder pa...

CVE-2003-03957.5

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP r...

CVE-2005-16167.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid...