CVE-2003-0395 — HIGH severity vulnerability (Ultimate PHP Board (UPB) 1.9 allows remote attackers to exec)
Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php.
| CVE ID | CVE-2003-0395 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.5 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| CWE | CWE-94 |
| Status | Modified |
| Published | 2003-07-02 |
| Last modified | 2026-04-16 |
| Description | Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →