PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a clients IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Punbb | Punbb | 1.2.3 | 1.2.3 |
Blog_cms | F-art_agency | 4.0.0 | 4.0.0 |
Punbb | Punbb | 1.2.7 | 1.2.7 |
Punbb | Punbb | 1.2.5 | 1.2.5 |
Blog_cms | F-art_agency | 4.0.0d | 4.0.0d |
Blog_cms | F-art_agency | 3.6.2 | 3.6.2 |
Punbb | Punbb | 1.2.1 | 1.2.1 |
Blog_cms | F-art_agency | 3.1 | 3.1 |
Blog_cms | F-art_agency | 4.0.0a | 4.0.0a |
Blog_cms | F-art_agency | 3.0 | 3.0 |
Blog_cms | F-art_agency | 3.1.4 | 3.1.4 |
Blog_cms | F-art_agency | 3.6.4 | 3.6.4 |
Punbb | Punbb | 1.2.4 | 1.2.4 |
Punbb | Punbb | 1.2.8 | 1.2.8 |
Blog_cms | F-art_agency | 3.1.2 | 3.1.2 |
Punbb | Punbb | 1.2.2 | 1.2.2 |
Blog_cms | F-art_agency | 3.1.3 | 3.1.3 |
Blog_cms | F-art_agency | 4.0.0c | 4.0.0c |
Punbb | Punbb | 1.2.6 | 1.2.6 |
Blog_cms | F-art_agency | 4.0.0b | 4.0.0b |
Punbb | Punbb | 1.2.9 | 1.2.9 |