CVE-2005-1615 Information

Description

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter which is not properly handled by textdb.inc.php possibly due to a SQL injection vulnerability.

Reference

http://marc.info/?l=bugtraq&m=111600262424876&w=2 http://www.securityfocus.com/bid/13622