Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0395

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0395
Last Modified 05 Sep 2008 04:34:12
Published 02 Jul 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0395

Summary

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php.

Vulnerable Systems

Application

  • Php Outburst Ultimate Php Board Upb 1.9


References

BUGTRAQ - 20030524 UPB: Discussion Board/Web-Site Takeover

MISC - http://f0kp.iplus.ru/bz/024.en.txt


Last Updated: 27 May 2016 10:37:53