Ultimate Php Board CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-61540	3 Myupb, Ultimate Php Board, Ultimate Php Board Project	3 Ultimate Php Board, Ultimate Php Board, Ultimate Php Board	2025-10-23	6.5 Medium
SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php.
CVE-2002-1820	1 Ultimate Php Board Project	1 Ultimate Php Board	2025-04-03	9.8 Critical
register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."

Page 1 of 1.