RCE in Myupb Ultimate_php_board

CVE-2003-0395

Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.025 (82.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References