Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
punbb punbb 1.2.9 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-4686
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows malicious users to obtain unspecified sensitive information.
Punbb Punbb 1.2.5
Punbb Punbb 1.2.7
Punbb Punbb 1.2.9
Punbb Punbb 1.2.1
Punbb Punbb 1.2.2
Punbb Punbb 1.2.3
Punbb Punbb 1.2.4
Punbb Punbb 1.2.6
Punbb Punbb 1.2.8
445
VMScore
CVE-2005-4688
PunBB 1.2.9 does not require password entry when changing the e-mail address in an account's profile, which might allow an malicious user to make an address change via a hijacked login session.
Punbb Punbb 1.2.9
605
VMScore
CVE-2008-7241
Cross-site request forgery (CSRF) vulnerability in PunBB prior to 1.2.17 allows remote malicious users to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout.
Punbb Punbb 1.2
Punbb Punbb 1.2.15
Punbb Punbb 1.2.13
Punbb Punbb 1.2.12
Punbb Punbb 1.1.3
Punbb Punbb 1.1.2
Punbb Punbb 1.1.1
Punbb Punbb 1.1
Punbb Punbb 1.2.5
Punbb Punbb 1.2.4
Punbb Punbb 1.2.3
Punbb Punbb 1.2.2
Punbb Punbb 1.1.5
Punbb Punbb 1.2.14
Punbb Punbb 1.2.10
Punbb Punbb 1.2.7
Punbb Punbb 1.2.9
Punbb Punbb 1.1.4
Punbb Punbb 1.2.1
Punbb Punbb 1.2.11
Punbb Punbb 1.0
Punbb Punbb 1.2.6
445
VMScore
CVE-2006-0866
PunBB 1.2.10 and previous versions allows remote malicious users to conduct brute force guessing attacks for an account's password, which may be as short as 4 characters.
Punbb Punbb 1.0
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.1.5
Punbb Punbb 1.2
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
Punbb Punbb 1.0 Rc1
Punbb Punbb 1.0 Rc2
Punbb Punbb 1.1
Punbb Punbb 1.2.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.8
Punbb Punbb 1.2.9
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.0 Beta1a
Punbb Punbb 1.1.3
Punbb Punbb 1.1.4
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.0.1
Punbb Punbb 1.0 Alpha
383
VMScore
CVE-2006-1089
Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag.
Punbb Punbb 1.0.1
Punbb Punbb 1.0 Alpha
Punbb Punbb 1.1
Punbb Punbb 1.1.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.2
Punbb Punbb 1.2.3
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.0 Beta1a
Punbb Punbb 1.1.2
Punbb Punbb 1.1.3
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.1.4
Punbb Punbb 1.1.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
Punbb Punbb 1.0
Punbb Punbb 1.0 Rc1
Punbb Punbb 1.0 Rc2
505
VMScore
CVE-2006-0865
PunBB 1.2.10 and previous versions allows remote malicious users to cause a denial of service (resource consumption) by registering many user accounts quickly.
Punbb Punbb 1.0.1
Punbb Punbb 1.0 Alpha
Punbb Punbb 1.1
Punbb Punbb 1.1.1
Punbb Punbb 1.2.2
Punbb Punbb 1.2.3
Punbb Punbb 1.0
Punbb Punbb 1.0 Rc1
Punbb Punbb 1.0 Rc2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.8
Punbb Punbb 1.2.9
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.1.5
Punbb Punbb 1.2
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.0 Beta1a
Punbb Punbb 1.1.2
1 EDB exploit
890
VMScore
CVE-2008-3335
Unspecified vulnerability in PunBB prior to 1.2.19 allows remote malicious users to inject arbitrary SMTP commands via unknown vectors.
Punbb Punbb 1.0
Punbb Punbb 1.1
Punbb Punbb 1.2.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.17
Punbb Punbb 1.2.2
Punbb Punbb
Punbb Punbb 1.1.3
Punbb Punbb 1.1.4
Punbb Punbb 1.2.13
Punbb Punbb 1.2.14
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.0.1
Punbb Punbb 1.1.1
Punbb Punbb 1.1.2
Punbb Punbb 1.2.11
Punbb Punbb 1.2.12
Punbb Punbb 1.2.3
Punbb Punbb 1.2.4
Punbb Punbb 1.1.5
Punbb Punbb 1.2
383
VMScore
CVE-2008-3336
Multiple cross-site scripting (XSS) vulnerabilities in PunBB prior to 1.2.19 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors in (1) include/parser.php and (2) moderate.php.
Punbb Punbb 1.0
Punbb Punbb 1.1.4
Punbb Punbb 1.1.5
Punbb Punbb 1.2.15
Punbb Punbb 1.2.16
Punbb Punbb 1.2.7
Punbb Punbb 1.2.8
Punbb Punbb 1.0.1
Punbb Punbb 1.1
Punbb Punbb 1.1.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.11
Punbb Punbb 1.2.12
Punbb Punbb 1.2.3
Punbb Punbb 1.2.4
Punbb Punbb
Punbb Punbb 1.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.17
Punbb Punbb 1.2.2
Punbb Punbb 1.2.9
Punbb Punbb 1.1.2
187
VMScore
CVE-2006-5738
Multiple SQL injection vulnerabilities in PunBB prior to 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.0 Rc1
Punbb Punbb 1.0 Rc2
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
Punbb Punbb 1.0.1
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.1.1
Punbb Punbb 1.1.3
Punbb Punbb 1.2.12
Punbb Punbb 1.2.3
Punbb Punbb 1.2.8
Punbb Punbb
Punbb Punbb 1.0
Punbb Punbb 1.1.4
Punbb Punbb 1.1.5
Punbb Punbb 1.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.10
454
VMScore
CVE-2006-5736
SQL injection vulnerability in search.php in PunBB prior to 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote malicious users to execute arbitrary SQL commands via the result_list array parameter, which is not initialized.
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.1.4
Punbb Punbb 1.1.5
Punbb Punbb 1.2.3
Punbb Punbb 1.0
Punbb Punbb 1.0.1
Punbb Punbb 1.1
Punbb Punbb 1.1.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.11
Punbb Punbb 1.2.7
Punbb Punbb 1.2.8
Punbb Punbb 1.2.9
Punbb Punbb 1.0 Alpha
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.0 Beta1a
Punbb Punbb 1.1.2
Punbb Punbb 1.1.3
Punbb Punbb 1.2.12
Punbb Punbb 1.2.2
Punbb Punbb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »