PT-2006-4099 · Upb · Ultimate Php Board

Mbrooks

Publicado

2006-06-24

Atualizado

2024-02-14

CVE-2006-3204

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ultimate PHP Board (UPB) versions 1.9.6 and earlier

Description The issue allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext. This is achieved by obtaining the plaintext password, which is sent when logging in, and the ciphertext, which is set in the pass env cookie.

Recommendations For Ultimate PHP Board (UPB) versions 1.9.6 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-3204

Produtos afetados

Ultimate Php Board

PT-2006-4099 · Upb · Ultimate Php Board

CVE-2006-3204

Identificadores relacionados

Produtos afetados

Referências · 4