Vulnerability Database

311,377

Total vulnerabilities in the database

CVE-2022-25091

Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.

Published: Apr 27, 2023
Updated: Nov 16, 2025
CVE: CVE-2022-25091
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
infopop / ultimate_bulletin_board	-	5.47a.x

http://www.infopop.com/support/ubbclassic/version5.html
https://marc.info/?l=vuln-dev&m=97486849231786&w=2
https://vulners.com/securityvulns/SECURITYVULNS:DOC:954
https://web.archive.org/web/20030207100935/
https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo