VYPR
Unrated severityNVD Advisory· Published Jun 24, 2006· Updated Jun 16, 2026

CVE-2006-3205

CVE-2006-3205

Description

Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9.6:*:*:*:*:*:*:*
  • Myupb/Upbllm-fuzzy
    Range: <=1.9.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.