CVE-2005-4687
PunBB 1.2.9 (used standalone or with F-ART BLOG:CMS) trusts the client IP from the X-Forwarded-For header instead of the TCP/IP stack, enabling IP address spoofing by remote attackers. Red Hat and CVE records corroborate this vulnerability in PunBB 1.2.9. The underlying issue is header-based IP e...