5.1
CVSSv2

CVE-2006-5736

Published: 06/11/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in search.php in PunBB prior to 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote malicious users to execute arbitrary SQL commands via the result_list array parameter, which is not initialized.

Vulnerable Product Search on Vulmon Subscribe to Product

punbb punbb 1.0_beta2

punbb punbb 1.0_beta3

punbb punbb 1.1.4

punbb punbb 1.1.5

punbb punbb 1.2.3

punbb punbb 1.0

punbb punbb 1.0.1

punbb punbb 1.1

punbb punbb 1.1.1

punbb punbb 1.2.10

punbb punbb 1.2.11

punbb punbb 1.2.7

punbb punbb 1.2.8

punbb punbb 1.2.9

punbb punbb 1.0_alpha

punbb punbb 1.0_beta1

punbb punbb 1.0_beta1a

punbb punbb 1.1.2

punbb punbb 1.1.3

punbb punbb 1.2.12

punbb punbb 1.2.2

punbb punbb

punbb punbb 1.2.4

punbb punbb 1.0_rc1

punbb punbb 1.0_rc2

punbb punbb 1.2

punbb punbb 1.2.1

punbb punbb 1.2.5

punbb punbb 1.2.6