RCE in Myupb Ultimate_php_board
CVE-2003-0395
Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.025 (82.9th percentile) — read the EPSS interpretation.
Affected products
- Myupb Ultimate_php_board — versions 1.9
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_MISC, Broken Link)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ, Third Party Advisory)