Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
punbb punbb vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-4686
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows malicious users to obtain unspecified sensitive information.
Punbb Punbb 1.2.3
Punbb Punbb 1.2.7
Punbb Punbb 1.2.5
Punbb Punbb 1.2.1
Punbb Punbb 1.2.4
Punbb Punbb 1.2.8
Punbb Punbb 1.2.2
Punbb Punbb 1.2.6
Punbb Punbb 1.2.9
7.5
CVSSv2
CVE-2005-3328
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 up to and including 1.1.5 allows remote malicious users to execute arbitrary code via the pun_root parameter.
Punbb Punbb 1.1.5
Punbb Punbb 1.1.3
Punbb Punbb 1.1.4
Punbb Punbb 1.1.2
7.5
CVSSv2
CVE-2005-3518
SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote malicious users to execute arbitrary SQL commands via the old_searches parameter.
Punbb Punbb 1.2.7
Punbb Punbb 1.2.8
1 EDB exploit
4.3
CVSSv2
CVE-2008-5433
Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote malicious users to inject arbitrary web script or HTML via the password field.
Punbb Punbb 1.3.1
Punbb Punbb 1.3
6.5
CVSSv2
CVE-2008-5434
Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.
Punbb Punbb 1.3.1
Punbb Punbb 1.3
5
CVSSv2
CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
Punbb Punbb 1.2.3
F-art Agency Blog Cms 4.0.0
Punbb Punbb 1.2.7
Punbb Punbb 1.2.5
F-art Agency Blog Cms 4.0.0d
F-art Agency Blog Cms 3.6.2
Punbb Punbb 1.2.1
F-art Agency Blog Cms 3.1
F-art Agency Blog Cms 4.0.0a
F-art Agency Blog Cms 3.0
F-art Agency Blog Cms 3.1.4
F-art Agency Blog Cms 3.6.4
Punbb Punbb 1.2.4
Punbb Punbb 1.2.8
F-art Agency Blog Cms 3.1.2
Punbb Punbb 1.2.2
F-art Agency Blog Cms 3.1.3
F-art Agency Blog Cms 4.0.0c
Punbb Punbb 1.2.6
F-art Agency Blog Cms 4.0.0b
Punbb Punbb 1.2.9
7.5
CVSSv2
CVE-2007-2234
include/common.php in PunBB 1.2.14 and previous versions does not properly handle a disabled ini_get function when checking the register_globals setting, which allows remote malicious users to register global parameters, as demonstrated by an SQL injection attack on the search_id...
Punbb Punbb
4.3
CVSSv2
CVE-2007-2235
Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php.
Punbb Punbb
6.8
CVSSv2
CVE-2007-2236
footer.php in PunBB 1.2.14 and previous versions allows remote malicious users to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file...
Punbb Punbb
7.5
CVSSv2
CVE-2006-5735
Directory traversal vulnerability in include/common.php in PunBB prior to 1.2.14 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the language parameter, related to register.php storing a language value in the users table.
Punbb Punbb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »