This page lists publicly disclosed CVE vulnerabilities affecting ultrascripts ultraboard (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2001-0135 | The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs. | [email protected] | 2.1 | 0.14% | 2001-03-12 | 2026-04-16 |
| CVE-2000-0426 | UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | [email protected] | 5.0 | 6.03% | 2000-05-05 | 2026-04-16 |
| CVE-2000-0332 | UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte. | [email protected] | 5.0 | 8.19% | 2000-05-03 | 2026-04-16 |