|Title:||Ultimate PHP Board admin_ip.php code injection|
The remote host is running Ultimate PHP Board (UPB).
There is a flaw in this version which may allow an attacker
to execute arbitrary code on this host, by sending a malformed
user-agent which contains PHP commands. Once the user-agent
has been sent, it is stored in the logs. When the administrator
of this web site will read the logs through admin_ip.php,
the code will be executed.
Solution : Upgrade to the latest version of this CGI
Risk factor : High
BugTraq ID: 7678|
|Copyright||This script is Copyright (C) 2003 Renaud Deraison|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.