CVE-2002-2322

high

Description

Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.

References

http://www.securityfocus.com/bid/5858

http://www.iss.net/security_center/static/10300.php

http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.0026