Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
punbb punbb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4686
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows malicious users to obtain unspecified sensitive information.
Punbb Punbb 1.2.5
Punbb Punbb 1.2.7
Punbb Punbb 1.2.9
Punbb Punbb 1.2.1
Punbb Punbb 1.2.2
Punbb Punbb 1.2.3
Punbb Punbb 1.2.4
Punbb Punbb 1.2.6
Punbb Punbb 1.2.8
NA
CVE-2005-3328
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 up to and including 1.1.5 allows remote malicious users to execute arbitrary code via the pun_root parameter.
Punbb Punbb 1.1.3
Punbb Punbb 1.1.4
Punbb Punbb 1.1.2
Punbb Punbb 1.1.5
NA
CVE-2005-3518
SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote malicious users to execute arbitrary SQL commands via the old_searches parameter.
Punbb Punbb 1.2.7
Punbb Punbb 1.2.8
1 EDB exploit
NA
CVE-2008-5433
Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote malicious users to inject arbitrary web script or HTML via the password field.
Punbb Punbb 1.3
Punbb Punbb 1.3.1
NA
CVE-2008-5434
Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.
Punbb Punbb 1.3
Punbb Punbb 1.3.1
NA
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and previous versions for PunBB allow remote malicious users to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) heade...
Punbb Private Messaging System 1.2.2
Punbb Private Messaging System
Punbb Private Messaging System 1.2.1
Punbb Private Messaging System 1.2.0
1 EDB exploit
NA
CVE-2007-2235
Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php.
Punbb Punbb
NA
CVE-2007-2234
include/common.php in PunBB 1.2.14 and previous versions does not properly handle a disabled ini_get function when checking the register_globals setting, which allows remote malicious users to register global parameters, as demonstrated by an SQL injection attack on the search_id...
Punbb Punbb
NA
CVE-2007-2236
footer.php in PunBB 1.2.14 and previous versions allows remote malicious users to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file...
Punbb Punbb
NA
CVE-2006-5735
Directory traversal vulnerability in include/common.php in PunBB prior to 1.2.14 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the language parameter, related to register.php storing a language value in the users table.
Punbb Punbb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »