MidnightBSD

Advisories for f-art_agency

CVE-2005-4687 MEDIUM

PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
punbb punbb 1.2.9
punbb punbb 1.2.5
f-art_agency blog_cms 4.0.0
f-art_agency blog_cms 3.1.3
punbb punbb 1.2.6
f-art_agency blog_cms 4.0.0a
f-art_agency blog_cms 4.0.0c
punbb punbb 1.2.1
punbb punbb 1.2.4
f-art_agency blog_cms 3.1.2
f-art_agency blog_cms 3.6.2
f-art_agency blog_cms 3.1.4
f-art_agency blog_cms 4.0.0b
f-art_agency blog_cms 4.0.0d
punbb punbb 1.2.2
punbb punbb 1.2.3
punbb punbb 1.2.7
f-art_agency blog_cms 3.0
f-art_agency blog_cms 3.1
f-art_agency blog_cms 3.6.4
punbb punbb 1.2.8
CVE-2006-3364 HIGH

SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-art_agency blog_cms *