CVE-2005-1615

Ultimate Php Board - SQL Injection

Title source: rule
STIX 2.1

Description

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Morinex Eneco · textwebappsphp
https://www.exploit-db.com/exploits/25655

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13622
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111600262424876&w=2

Scores

EPSS 0.0043
EPSS Percentile 62.2%

Details

Status published
Products (4)
ultimate_php_board/ultimate_php_board 1.8
ultimate_php_board/ultimate_php_board 1.8.2
ultimate_php_board/ultimate_php_board 1.9
ultimate_php_board/ultimate_php_board 1.9.6
Published May 16, 2005
Tracked Since Feb 18, 2026