CVE-2006-3206 Information

Description

register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the [NR]\ sequence in the signature field which is used to separate multiple records.

Reference

http://securityreason.com/securityalert/1138 http://www.securityfocus.com/archive/1/437875/100/0/threaded