CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-2236
https://notcve.org/view.php?id=CVE-2007-2236
footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file. footer.php de PunBB 1.2.14 y versiones anteriores permite a atacantes remotos incluir ficheros locales en include/user/ mediante un ataque de secuencias de comandos en sitios cruzados (XSS), ó mediante la etiqueta pun_include, como se demuestra al usar admin_options.php para ejecutar código PHP de un fichero avatar promocionado. • http://dev.punbb.org/changeset/937 http://secunia.com/advisories/24843 http://securityreason.com/securityalert/2613 http://www.acid-root.new.fr/advisories/13070411.txt http://www.securityfocus.com/archive/1/465338/100/100/threaded http://www.securityfocus.com/archive/1/465400/100/100/threaded http://www.vupen.com/english/advisories/2007/1362 •
CVSS: 5.1EPSS: 1%CPEs: 29EXPL: 2CVE-2006-5736
https://notcve.org/view.php?id=CVE-2006-5736
SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized. Vulnerabilidad de inyección SQL en search.php en PunBB anetrior a 1.2.14, cuando la instalación de PHP es vulnerable a CVE-2006-3017, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro array result_list, que no se inicializa. • http://securityreason.com/securityalert/1824 http://securitytracker.com/id?1017131 http://www.osvdb.org/30133 http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt http://www.securityfocus.com/archive/1/450055/100/0/threaded http://www.vupen.com/english/advisories/2006/4256 http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5737
https://notcve.org/view.php?id=CVE-2006-5737
PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time), which might allow local users to perform unauthorized actions. PunBB usa un valor cookie_seed predecible que puede ser derivado del tiempo de registro de la cuenta superadmin (tiempo de instalación), lo cual puede permitir a usuarios locales realizar acciones no autorizadas. • http://securitytracker.com/id?1017131 http://www.osvdb.org/30134 http://www.securityfocus.com/archive/1/450055/100/0/threaded http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities •
CVSS: 2.1EPSS: 0%CPEs: 29EXPL: 0CVE-2006-5738
https://notcve.org/view.php?id=CVE-2006-5738
Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. Múltiples vulnerabilidades de inyección SQL en PunBB anetrior a 1.2.14 permiten a adminstradores autenticados remotamente ejecutar comandos SQL de su elección a través de vectores no especificados. • http://forums.punbb.org/viewtopic.php?id=13496 http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-5735
https://notcve.org/view.php?id=CVE-2006-5735
Directory traversal vulnerability in include/common.php in PunBB before 1.2.14 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the language parameter, related to register.php storing a language value in the users table. Vulnerabilidad de escalado de directorio en include/common.php en PunBB anterior a 1.2.14 permite a usuarios autenticados remotamente incluir y ejecutar archivos locales de su elección mediante un .. (punto punto) en el parámetro language, relacionado con que register.php almacena un valor de idioma en la tabla de usuarios. • http://secunia.com/advisories/22622 http://securityreason.com/securityalert/1824 http://securitytracker.com/id?1017131 http://www.osvdb.org/30132 http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt http://www.securityfocus.com/archive/1/450055/100/0/threaded http://www.vupen.com/english/advisories/2006/4256 http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities •