CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2005-4687
https://notcve.org/view.php?id=CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header. • http://secunia.com/advisories/17425 http://secunia.com/advisories/17433 http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt http://www.securityfocus.com/bid/15326 •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2005-4665
https://notcve.org/view.php?id=CVE-2005-4665
Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags. • http://punbb.org/changelogs/1.2.6_to_1.2.7.txt http://secunia.com/advisories/16775 http://www.osvdb.org/19382 http://www.punbb.org/changelogs/1.2.6_to_1.2.7.txt http://www.securityfocus.com/archive/1/422088/100/0/threaded http://www.securityfocus.com/archive/1/422267/100/0/threaded http://www.securityfocus.com/bid/14808 http://www.vupen.com/english/advisories/2005/1708 https://exchange.xforce.ibmcloud.com/vulnerabilities/22234 •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2005-4686
https://notcve.org/view.php?id=CVE-2005-4686
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information. • http://secunia.com/advisories/17425 http://secunia.com/advisories/17433 http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt http://www.securityfocus.com/bid/15328 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2005-3518 – PunBB 1.2.x - 'search.php' SQL Injection
https://notcve.org/view.php?id=CVE-2005-3518
SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote attackers to execute arbitrary SQL commands via the old_searches parameter. • https://www.exploit-db.com/exploits/26350 http://marc.info/?l=bugtraq&m=112939699128430&w=2 http://secunia.com/advisories/17227 http://securityreason.com/securityalert/87 http://www.kapda.ir/advisory-91.html http://www.osvdb.org/20018 http://www.punbb.org/changelogs/1.2.8_to_1.2.9.txt http://www.securityfocus.net/bid/15114 https://exchange.xforce.ibmcloud.com/vulnerabilities/22760 •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2005-3328
https://notcve.org/view.php?id=CVE-2005-3328
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter. • http://marc.info/?l=bugtraq&m=113017630505223&w=2 http://securityreason.com/securityalert/107 http://www.securityfocus.com/bid/15175 •