VYPR
Critical severity9.8NVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026

CVE-2002-1820

CVE-2002-1820

Description

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."

Affected products

3
  • cpe:2.3:a:ultimate_php_board_project:ultimate_php_board:1.0:-:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ultimate_php_board_project:ultimate_php_board:1.0:-:*:*:*:*:*:*
    • cpe:2.3:a:ultimate_php_board_project:ultimate_php_board:1.0:beta:*:*:*:*:*:*
    • (no CPE)range: 1.0, 1.0b

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.