Ultimate Bulletin Board Forum Password Bypass Vulnerability

A vulnerabilty exists in versions of UBB (Ultimate Bulletin Board) from infopop.com.

By modifying URLs submitted to the script, a remote attacker can bypass forum membership restrictions and password requirements, to read arbitrary messages in any forum, regardless of the attacker's assigned privileges.


Privacy Statement
Copyright 2010, SecurityFocus