VYPR

Upb

by Myupb

CVEs (3)

  • CVE-2008-6727Apr 20, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

  • CVE-2006-3205Jun 24, 2006
    risk 0.00cvss epss 0.01

    Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions.

  • CVE-2006-3203Jun 24, 2006
    risk 0.00cvss epss 0.03

    The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.