Sensitive Information Disclosure in Ultimate PHP Board (UPB) 1.9.6 GOLD

Sensitive Information Disclosure in Ultimate PHP Board (UPB) 1.9.6 GOLD

CVE-2005-2003 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message.

Learn more about our Web Application Penetration Testing UK.