CVE-2006-3205

Name of the Vulnerable Software and Affected Versions Ultimate PHP Board (UPB) versions 1.9.6 and earlier

Description The issue allows remote attackers to gain access by modifying certain parameters in a cookie. These parameters, including user env, pass env, power env, and id env, can be exploited to create a persistent logon that remains unchanged across different sessions.

Recommendations For Ultimate PHP Board (UPB) versions 1.9.6 and earlier, consider restricting access to the parameters user env, pass env, power env, and id env in cookies to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.