CVE-2003-0395

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board (UPB) version 1.9

Description: The issue allows remote attackers to execute arbitrary PHP code with administrator privileges. This is achieved via an HTTP request containing the code in the User-Agent header, which is executed when the administrator runs admin iplog.php.

Recommendations: For Ultimate PHP Board (UPB) version 1.9, consider restricting access to admin iplog.php until a fix is available, and avoid using the User-Agent header to execute PHP code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.