Ultimate Php Board

ultimate_php_board

Vendor: Myupb • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-61540 1Myupb 1Ultimate Php Board Oct 21, 2025 Oct 16, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php.
CVE-2025-61539 1Myupb 1Ultimate Php Board Oct 21, 2025 Oct 16, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross site scripting (XSS) vulnerability in Ultimate PHP Board 2.2.7 via the u_name parameter in lostpassword.php.
CVE-2015-2217 1Myupb 1Ultimate Php Board May 6, 2026 Mar 10, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP Board (aka myUPB) before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or (2) avatar paramet...Show more Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP Board (aka myUPB) before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or (2) avatar parameter to profile.php.Show less
CVE-2003-0395 1Myupb 1Ultimate Php Board Apr 16, 2026 Jul 2, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administra...Show more Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php.Show less