Vulnerabilities > CVE-2005-3078 - Cross-Site Scripting vulnerability in Punbb

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
punbb
nessus
NVD
Published: 2005-09-27
Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature.

Vulnerable Configurations

Part Description Count
Application
Punbb
23

Nessus

NASL familyCGI abuses
NASL idPUNBB_128.NASL
descriptionAccording to its banner, the version of PunBB installed on the remote host suffers from several flaws. - A File Include Vulnerability The application fails to validate the
last seen2020-06-01
modified2020-06-02
plugin id19775
published2005-09-23
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/19775
titlePunBB < 1.2.8 Multiple Vulnerabilities

References