|
Description
|
|
Multiple vulnerabilities have been identified in PunBB, which could be exploited by remote attackers to execute arbitrary commands.
The first issue is due to an input validation error in the "search.php" script that does not initialize the "result_list" array, which could be exploited in combination with the PHP "Zend_Hash_Del_Key_Or_Index" vulnerability to bypass security restrictions and conduct SQL injection attacks.
The second flaw is due to an input validation error in the "register.php" script that does not validate the "language" parameter before being inserted into the database and used as an inclusion parameter in the "include/common.php" file, which could be exploited by remote attackers to include local files (e.g. uploaded avatars) and execute arbitrary commands with the privileges of the web server.
The third vulnerability is due to input validation errors in various scripts that do not validate certain parameters before being used in SQL statements, which could be exploited by malicious administrators to conduct SQL injection attacks.
|
