### [CVE-2005-1615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1615)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

### POC

#### Reference
- http://marc.info/?l=bugtraq&m=111600262424876&w=2

#### Github
No PoCs found on GitHub currently.