CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-1615

HIGH
7.5
CVSS Severity Score
EPSS Score0.1710%
EPSS Percentile27.59th
Published2005年5月16日
Last Modified2026年4月16日

Vulnerability Description

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

Affected Platforms (CPE)

📦
Ultimate Php Board

Ultimate Php Board

= 1.8
📦
Ultimate Php Board

Ultimate Php Board

= 1.8.2
📦
Ultimate Php Board

Ultimate Php Board

= 1.9
📦
Ultimate Php Board

Ultimate Php Board

= 1.9.6

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111600262424876&w=2
🔗 http://www.securityfocus.com/bid/13622
🔗 http://marc.info/?l=bugtraq&m=111600262424876&w=2
🔗 http://www.securityfocus.com/bid/13622

相关漏洞威胁

CVE-2006-320310.0

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which ...

CVE-2002-18209.8

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote...

CVE-2005-16167.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid...

CVE-2003-03957.5

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP r...