SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action.
CVSS Score
6.5
EPSS Score
0.008
Published
2005-05-02
Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
4.3
EPSS Score
0.003
Published
2005-04-08
Page 3