DATE | CVE | VULNERABILITY TITLE | RISK

2008-12-11 | CVE-2008-5434 | SQL Injection vulnerability in Punbb 1.3/1.3.1 | 6.5
Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.
network | low complexity | punbb | CWE-89

2008-12-11 | CVE-2008-5433 | Cross-Site Scripting vulnerability in Punbb 1.3/1.3.1 | 4.3
Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the password field.
network | punbb | CWE-79

2008-12-10 | CVE-2008-5418 | Path Traversal vulnerability in Justin ROY Punportal Module 1.0 | 5.1
Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a ..
network | high complexity | justin-roy punbb | CWE-22

2008-09-11 | CVE-2008-3968 | Cross-Site Scripting vulnerability in Punbb | 4.3
Cross-site scripting (XSS) vulnerability in userlist.php in PunBB before 1.2.20 allows remote attackers to inject arbitrary web script or HTML via the p parameter.
network | punbb | CWE-79

2008-07-27 | CVE-2008-3336 | Cross-Site Scripting vulnerability in Punbb | 4.3
Multiple cross-site scripting (XSS) vulnerabilities in PunBB before 1.2.19 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) include/parser.php and (2) moderate.php.
network | punbb | CWE-79

2008-07-27 | CVE-2008-3335 | Code Injection vulnerability in Punbb | critical 10.0
Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP commands via unknown vectors.
network | low complexity | punbb | CWE-94

2008-03-24 | CVE-2008-1485 | Cross-Site Scripting vulnerability in Punbb | 4.3
Cross-site scripting (XSS) vulnerability in PunBB 1.2.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the get_host parameter to moderate.php.
network | punbb | CWE-79

2008-03-24 | CVE-2008-1484 | Permissions, Privileges, and Access Controls vulnerability in Punbb | 3.5
The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of the targeted account.
network | punbb | CWE-264

2007-04-25 | CVE-2007-2236 | Cross-Site Scripting vulnerability in Punbb | 6.8
footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file.
network | punbb

2007-04-25 | CVE-2007-2235 | Cross-Site Scripting vulnerability in Punbb | 4.3
Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php.
network | punbb