Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-2005

Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat.

  • Published: Jun 16, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-2005
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.