Vulnerabilities > Punbb > Punbb > 1.2.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-06 | CVE-2006-5736 | SQL-Injection vulnerability in Punbb SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized. | 5.1 |
2006-06-01 | CVE-2006-2724 | Cross-Site Scripting vulnerability in Punbb 1.2.11 Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227. network punbb | 6.8 |
2006-05-05 | CVE-2006-2227 | Input Validation vulnerability in Punbb 1.2.11 Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 allows remote attackers to inject arbitrary web script or HTML via the req_message parameter, because the value of the redirect_url parameter is not sanitized. network punbb | 4.3 |