SQL Injection Vulnerability in Ultimate PHP Board (UPB) 1.8 through 1.9.6 via postorder Parameter in viewforum.php
CVE-2005-1615 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.