SQL Injection Vulnerability in Ultimate PHP Board (UPB) 1.8 through 1.9.6 via postorder Parameter in viewforum.php

SQL Injection Vulnerability in Ultimate PHP Board (UPB) 1.8 through 1.9.6 via postorder Parameter in viewforum.php

CVE-2005-1615 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.