cve/2005/CVE-2005-1615.md

### [CVE-2005-1615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1615)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

### POC

#### Reference
- http://marc.info/?l=bugtraq&m=111600262424876&w=2

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2005-1615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1615)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.`

			`### POC`

			`#### Reference`
			`- http://marc.info/?l=bugtraq&m=111600262424876&w=2`

			`#### Github`
			`No PoCs found on GitHub currently.`