Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
punbb punbb vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-28968
An issue exists in PunBB prior to 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.
Gnu Punbb
NA
CVE-2011-3371
Multiple cross-site scripting (XSS) vulnerabilities in include/functions.php in PunBB prior to 1.3.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) id, (2) form_sent, (3) csrf_token, (4) req_confirm, or (5) delete parameter to delete.php, the (6) ...
Punbb Punbb 1.2.4
Punbb Punbb 1.2.14
Punbb Punbb 1.2.2
Punbb Punbb 1.2.7
Punbb Punbb 1.2.5
Punbb Punbb 1.2.9
Punbb Punbb 1.1
Punbb Punbb 1.2
Punbb Punbb 1.0
Punbb Punbb 1.2.21
Punbb Punbb 1.2.20
Punbb Punbb 1.2.15
Punbb Punbb 1.2.17
Punbb Punbb 1.2.22
Punbb Punbb 1.0.1
Punbb Punbb 1.1.3
Punbb Punbb 1.1.2
Punbb Punbb 1.1.1
Punbb Punbb 1.3
Punbb Punbb 1.3.2
Punbb Punbb 1.3.3
Punbb Punbb 1.3.4
NA
CVE-2009-4894
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB prior to 1.3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) password or (2) e-mail.
Punbb Punbb
Punbb Punbb 1.3.1
Punbb Punbb 1.2.19
Punbb Punbb 1.2.2
Punbb Punbb 1.2.20
Punbb Punbb 1.2.21
Punbb Punbb 1.1.5
Punbb Punbb 1.0
Punbb Punbb 1.0.1
Punbb Punbb 1.2.10
Punbb Punbb 1.2.11
Punbb Punbb 1.2.12
Punbb Punbb 1.2.13
Punbb Punbb 1.2.7
Punbb Punbb 1.2.8
Punbb Punbb 1.2.9
Punbb Punbb 1.1
Punbb Punbb 1.3
Punbb Punbb 1.2.1
Punbb Punbb 1.2.14
Punbb Punbb 1.2.16
Punbb Punbb 1.2.18
NA
CVE-2010-0455
Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in PunBB 1.3 allows remote malicious users to inject arbitrary web script or HTML via the pid parameter.
Punbb Punbb 1.3
NA
CVE-2008-7241
Cross-site request forgery (CSRF) vulnerability in PunBB prior to 1.2.17 allows remote malicious users to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout.
Punbb Punbb 1.2
Punbb Punbb 1.2.15
Punbb Punbb 1.2.13
Punbb Punbb 1.2.12
Punbb Punbb 1.1.3
Punbb Punbb 1.1.2
Punbb Punbb 1.1.1
Punbb Punbb 1.1
Punbb Punbb 1.2.5
Punbb Punbb 1.2.4
Punbb Punbb 1.2.3
Punbb Punbb 1.2.2
Punbb Punbb 1.1.5
Punbb Punbb 1.2.14
Punbb Punbb 1.2.10
Punbb Punbb 1.2.7
Punbb Punbb 1.2.9
Punbb Punbb 1.1.4
Punbb Punbb 1.2.1
Punbb Punbb 1.2.11
Punbb Punbb 1.0
Punbb Punbb 1.2.6
NA
CVE-2009-2786
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and previous versions for PunBB allows remote malicious users to execute arbitrary SQL commands via the poster parameter.
Reputation Reputation
Reputation Reputation 2.2.3
Reputation Reputation 2.0.4
1 EDB exploit
NA
CVE-2009-2787
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and previous versions for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary...
Reputation Reputation 2.2.3
Reputation Reputation 2.0.4
Reputation Reputation
1 EDB exploit
NA
CVE-2009-2308
Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and previous versions for PunBB allow remote malicious users to execute arbitrary SQL commands via the (1) in or (2) out parameter.
Punres Affiliates Mod
Punres Affiliates Mod 1.0.0
1 EDB exploit
NA
CVE-2009-2276
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and previous versions for PunBB allows remote malicious users to execute arbitrary SQL commands via the out parameter.
Biglle Vote For Us Extension 1.0
Biglle Vote For Us Extension
1 EDB exploit
NA
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and previous versions for PunBB allow remote malicious users to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) heade...
Punbb Private Messaging System 1.2.2
Punbb Private Messaging System
Punbb Private Messaging System 1.2.1
Punbb Private Messaging System 1.2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »