Vulnerabilities > Punbb > Punbb > 1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-09 | CVE-2006-1089 | Cross-Site Scripting vulnerability in PunBB Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag. network punbb | 4.3 |
| 2006-02-23 | CVE-2006-0866 | Remote Security vulnerability in Punbb PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an account's password, which may be as short as 4 characters. | 5.0 |
| 2006-02-23 | CVE-2006-0865 | Denial-Of-Service vulnerability in Punbb PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many user accounts quickly. | 5.0 |
| 2005-09-27 | CVE-2005-3079 | Remote Security vulnerability in Punbb PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection. | 4.6 |
| 2005-09-27 | CVE-2005-3078 | Cross-Site Scripting vulnerability in Punbb Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. network punbb | 4.3 |