Ultrascripts : Security Vulnerabilities, CVEs,
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-12
Updated
2016-10-18
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself.
Max CVSS
5.0
EPSS Score
0.94%
Published
2000-05-05
Updated
2008-09-10
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte.
Max CVSS
5.0
EPSS Score
2.22%
Published
2000-05-03
Updated
2008-09-10
3 vulnerabilities found