CVE-2005-1051

Description

SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action.

Software From Fixed in
punbb / punbb 1.0 1.0.x
punbb / punbb 1.0_alpha 1.0_alpha.x
punbb / punbb 1.0_beta1 1.0_beta1.x
punbb / punbb 1.0_beta2 1.0_beta2.x
punbb / punbb 1.0_beta3 1.0_beta3.x
punbb / punbb 1.0_rc1 1.0_rc1.x
punbb / punbb 1.0_rc2 1.0_rc2.x
punbb / punbb 1.0.1 1.0.1.x
punbb / punbb 1.1 1.1.x
punbb / punbb 1.1.1 1.1.1.x
punbb / punbb 1.1.2 1.1.2.x
punbb / punbb 1.1.3 1.1.3.x
punbb / punbb 1.1.4 1.1.4.x
punbb / punbb 1.1.5 1.1.5.x
punbb / punbb 1.2.1 1.2.1.x
punbb / punbb 1.2.2 1.2.2.x
punbb / punbb 1.2.3 1.2.3.x
punbb / punbb 1.2.4 1.2.4.x