PT-2005-5351 · Punbb · Punbb

Published

2005-12-31

Updated

2008-09-05

CVE-2005-4686

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions PunBB version 1.2.9

Description The issue allows attackers to obtain sensitive information due to the inclusion of config.php before calling the unregister globals function.

Recommendations For PunBB version 1.2.9, consider updating to a version where the config.php file is included after the unregister globals function is called, or apply a configuration change to ensure sensitive information is protected.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4686

Affected Products

Punbb

PT-2005-5351 · Punbb · Punbb

CVE-2005-4686

Related Identifiers

Affected Products

References · 6