Total vulnerabilities in the database
Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions.
| Software | From | Fixed in |
|---|---|---|
| ultimate_php_board / ultimate_php_board | 1.9.6 | 1.9.6.x |
| ultimate_php_board / ultimate_php_board | 1.8 | 1.8.x |
| ultimate_php_board / ultimate_php_board | 1.8.2 | 1.8.2.x |
| ultimate_php_board / ultimate_php_board | 1.9 | 1.9.x |