CVE Vulnerabilities

CVE-2005-1051

Published: May 02, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action.

Affected Software

Name Vendor Start Version End Version
Punbb Punbb 1.2.3 1.2.3
Punbb Punbb 1.0_beta2 1.0_beta2
Punbb Punbb 1.0 1.0
Punbb Punbb 1.2.1 1.2.1
Punbb Punbb 1.1.5 1.1.5
Punbb Punbb 1.1 1.1
Punbb Punbb 1.0.1 1.0.1
Punbb Punbb 1.1.1 1.1.1
Punbb Punbb 1.0_beta3 1.0_beta3
Punbb Punbb 1.0_rc1 1.0_rc1
Punbb Punbb 1.1.3 1.1.3
Punbb Punbb 1.0_rc2 1.0_rc2
Punbb Punbb 1.0_beta1 1.0_beta1
Punbb Punbb 1.2.4 1.2.4
Punbb Punbb 1.2.2 1.2.2
Punbb Punbb 1.1.4 1.1.4
Punbb Punbb 1.0_alpha 1.0_alpha
Punbb Punbb 1.1.2 1.1.2

References