Filtered by vendor Punbb
Subscriptions
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1072 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2005-2193 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| SQL injection vulnerability in the user profile edit module in profile.php for PunBB 1.2.5 and earlier allows remote attackers to execute arbitrary SQL statements via the temp array, which is not initialized before it is used and prevents the attacker-supplied portions of the array from being properly escaped. | ||||
| CVE-2006-1090 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations. | ||||
| CVE-2005-3328 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter. | ||||
| CVE-2009-4894 | 1 Punbb | 1 Punbb | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail. | ||||
| CVE-2010-0455 | 1 Punbb | 1 Punbb | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in PunBB 1.3 allows remote attackers to inject arbitrary web script or HTML via the pid parameter. | ||||
| CVE-2011-3371 | 1 Punbb | 1 Punbb | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) form_sent, (3) csrf_token, (4) req_confirm, or (5) delete parameter to delete.php, the (6) id, (7) form_sent, (8) csrf_token, (9) req_message, or (10) submit parameter to edit.php, the (11) action, (12) form_sent, (13) csrf_token, (14) req_email, or (15) request_pass parameter to login.php, the (16) email, (17) form_sent, (18) redirect_url, (19) csrf_token, (20) req_subject, (21) req_message, or (22) submit parameter to misc.php, the (23) action, (24) id, (25) form_sent, (26) csrf_token, (27) req_old_password, (28) req_new_password1, (29) req_new_password2, or (30) update parameter to profile.php, or the (31) action, (32) form_sent, (33) csrf_token, (34) req_username, (35) req_password1, (36) req_password2, (37) req_email1, (38) timezone, or (39) register parameter to register.php. | ||||