CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-3203

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile13.80th
Published2006年6月24日
Last Modified2026年4月16日

Vulnerability Description

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

📦
Ultimate Php Board

Ultimate Php Board

= 1.8
📦
Ultimate Php Board

Ultimate Php Board

= 1.8.2
📦
Ultimate Php Board

Ultimate Php Board

= 1.9
📦
Ultimate Php Board

Ultimate Php Board

= 1.9.6

References & Advisories

🔗 http://securityreason.com/securityalert/1138
🔗 http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt
🔗 http://www.securityfocus.com/archive/1/437875/100/0/threaded
🔗 http://securityreason.com/securityalert/1138
🔗 http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt
🔗 http://www.securityfocus.com/archive/1/437875/100/0/threaded

関連する脆弱性情報

CVE-2002-18209.8

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote...

CVE-2005-16157.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder pa...

CVE-2003-03957.5

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP r...

CVE-2005-16167.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid...