Unrated severityNVD Advisory· Published Jun 24, 2006· Updated Jun 16, 2026
CVE-2006-3206
CVE-2006-3206
Description
register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the "[NR]" sequence in the signature field, which is used to separate multiple records.
Affected products
5cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9.6:*:*:*:*:*:*:*
- (no CPE)range: <=1.9.6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.