Phase:Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php.
ReferencesBID:5666 | URL:http://www.securityfocus.com/bid/5666 | SECTRACK:1005198 | URL:http://securitytracker.com/id?1005198
Votes:Assigned (Wednesday, June 29, 2005)
Comments:None (candidate not yet proposed)
F7: