CVE-2006-0866

PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an accounts password, which may be as short as 4 characters.

Affected Software

Name	Vendor	Start Version	End Version
Punbb	Punbb	1.0 (including)	1.0 (including)
Punbb	Punbb	1.0.1 (including)	1.0.1 (including)
Punbb	Punbb	1.0_alpha (including)	1.0_alpha (including)
Punbb	Punbb	1.0_beta1 (including)	1.0_beta1 (including)
Punbb	Punbb	1.0_beta1a (including)	1.0_beta1a (including)
Punbb	Punbb	1.0_beta2 (including)	1.0_beta2 (including)
Punbb	Punbb	1.0_beta3 (including)	1.0_beta3 (including)
Punbb	Punbb	1.0_rc1 (including)	1.0_rc1 (including)
Punbb	Punbb	1.0_rc2 (including)	1.0_rc2 (including)
Punbb	Punbb	1.1 (including)	1.1 (including)
Punbb	Punbb	1.1.1 (including)	1.1.1 (including)
Punbb	Punbb	1.1.2 (including)	1.1.2 (including)
Punbb	Punbb	1.1.3 (including)	1.1.3 (including)
Punbb	Punbb	1.1.4 (including)	1.1.4 (including)
Punbb	Punbb	1.1.5 (including)	1.1.5 (including)
Punbb	Punbb	1.2 (including)	1.2 (including)
Punbb	Punbb	1.2.1 (including)	1.2.1 (including)
Punbb	Punbb	1.2.2 (including)	1.2.2 (including)
Punbb	Punbb	1.2.3 (including)	1.2.3 (including)
Punbb	Punbb	1.2.4 (including)	1.2.4 (including)
Punbb	Punbb	1.2.5 (including)	1.2.5 (including)
Punbb	Punbb	1.2.6 (including)	1.2.6 (including)
Punbb	Punbb	1.2.7 (including)	1.2.7 (including)
Punbb	Punbb	1.2.8 (including)	1.2.8 (including)
Punbb	Punbb	1.2.9 (including)	1.2.9 (including)
Punbb	Punbb	1.2.10 (including)	1.2.10 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0866
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References