Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
punbb punbb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0570
profile.php in PunBB 1.2.1 allows remote malicious users to cause a denial of service (account lockout) by setting the user's password to NULL.
Punbb Punbb 1.2.1
NA
CVE-2005-0571
admin_loader.php in PunBB 1.2.1 allows remote malicious users to read arbitrary files via the plugin parameter.
Punbb Punbb 1.2.1
5.4
CVSSv3
CVE-2021-28968
An issue exists in PunBB prior to 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.
Gnu Punbb
NA
CVE-2007-6527
uploadimg.php in the Automatic Image Upload with Thumbnails (imgUpload) module 1.3.2 for PunBB only verifies the Content-type field of uploaded files, which allows remote malicious users to upload and execute arbitrary content via a file with a (1) JPG, (2) GIF, or (3) PNG MIME t...
Rickard Andersson Punbb 1.3.3
NA
CVE-2009-2786
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and previous versions for PunBB allows remote malicious users to execute arbitrary SQL commands via the poster parameter.
Reputation Reputation
Reputation Reputation 2.2.3
Reputation Reputation 2.0.4
1 EDB exploit
NA
CVE-2009-2787
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and previous versions for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary...
Reputation Reputation 2.2.3
Reputation Reputation 2.0.4
Reputation Reputation
1 EDB exploit
NA
CVE-2008-5418
Directory traversal vulnerability in login.php in the PunPortal module prior to 2.0 for PunBB allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
Justin Roy Punportal Module 1.0
1 EDB exploit
NA
CVE-2009-2308
Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and previous versions for PunBB allow remote malicious users to execute arbitrary SQL commands via the (1) in or (2) out parameter.
Punres Affiliates Mod
Punres Affiliates Mod 1.0.0
1 EDB exploit
NA
CVE-2009-2276
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and previous versions for PunBB allows remote malicious users to execute arbitrary SQL commands via the out parameter.
Biglle Vote For Us Extension 1.0
Biglle Vote For Us Extension
1 EDB exploit
NA
CVE-2006-1894
Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote malicious users to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the application's e-mail address obfuscator reverses t...
Revoboard Revoboard 1.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5