CVE-2002-2322 Information

Description

Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control which allows remote attackers to obtain usernames and passwords.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html http://www.iss.net/security_center/static/10300.php upb-url-view-php(10300) http://www.securityfocus.com/bid/5858