CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-1820

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1060%
EPSS Percentile8.63th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."

Affected Platforms (CPE)

📦
Ultimate Php Board Project

Ultimate Php Board

= 1.0
📦
Ultimate Php Board Project

Ultimate Php Board

= 1.0

References & Advisories

🔗 http://www.iss.net/security_center/static/9972.php
🔗 http://www.securityfocus.com/archive/1/289417
🔗 http://www.securityfocus.com/bid/5580
🔗 http://www.iss.net/security_center/static/9972.php
🔗 http://www.securityfocus.com/archive/1/289417
🔗 http://www.securityfocus.com/bid/5580

相關漏洞威脅

CVE-2006-320310.0

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which ...

CVE-2005-16157.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder pa...

CVE-2003-03957.5

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP r...

CVE-2005-16167.5

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid...