Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2007-2236

footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.8%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2007-2236
  • Punbb » Punbb » Version: Any
    cpe:2.3:a:punbb:punbb:*


Contact Us

Shodan ® - All rights reserved