Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext by obtaining the plaintext password, which is sent when logging in, and the ciphertext, which is set in the pass_env cookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ultimate PHP Board 分组密码 输入验证漏洞
Vulnerability Description
Ultimate PHP Board (UPB)采用具有大密钥冲突空间的密码性较弱的分组密码。远程攻击者可以通过获得登录时发送的纯文本密码,以及pass_env cookie中设置的密文,利用确定的纯文本和密文来确定适合的解密密钥。
CVSS Information
N/A
Vulnerability Type
N/A