PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f-art agency blog cms 3.0 |
||
f-art agency blog cms 3.1 |
||
f-art agency blog cms 3.1.2 |
||
punbb punbb 1.2.4 |
||
punbb punbb 1.2.5 |
||
punbb punbb 1.2.6 |
||
punbb punbb 1.2.7 |
||
f-art agency blog cms 3.1.3 |
||
f-art agency blog cms 3.6.2 |
||
punbb punbb 1.2.1 |
||
punbb punbb 1.2.3 |
||
punbb punbb 1.2.8 |
||
f-art agency blog cms 4.0.0 |
||
f-art agency blog cms 4.0.0a |
||
f-art agency blog cms 4.0.0b |
||
f-art agency blog cms 4.0.0c |
||
f-art agency blog cms 3.1.4 |
||
f-art agency blog cms 3.6.4 |
||
f-art agency blog cms 4.0.0d |
||
punbb punbb 1.2.2 |
||
punbb punbb 1.2.9 |