register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the "[NR]" sequence in the signature field, which is used to separate multiple records.
W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Polish
English