CVE-2006-5736

Published: Nov 6, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1017131

vdb-entry

x_refsource_SECTRACK

1824

third-party-advisory

x_refsource_SREASON

20061030 Punbb <= 1.2.13 Multiple Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

ADV-2006-4256

vdb-entry

x_refsource_VUPEN

http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities

x_refsource_MISC

30133

vdb-entry

x_refsource_OSVDB

http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-5736

Description

Affected Products

References