CVE-2005-1051
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2005
Last modified:
18/10/2016
Description
SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action.
Impact
Base Score 2.0
6.50
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:punbb:punbb:1.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_alpha:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_beta1:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_beta2:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_beta3:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_rc1:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.0_rc2:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.1.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:punbb:punbb:1.2.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page