Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ultimate PHP Board < 1.9.7 Multiple XSS



The remote host has a PHP script that may allow arbitrary code execution on the remote system


The remote host is running Ultimate PHP Board, a message board written in PHP. Versions of Ultimate less than 1.9.7 are vulnerable to multiple Cross-Site Scripting (XSS) flaws. An attacker exploiting these flaws would typically need to be able to convince a user to browse to a malicious URI. Successful exploitation would result in arbitrary code executing in the client browser and possible theft of confidential data (such as authentication cookies).


Upgrade to version 1.9.7 or higher.