CVE-2008-5434
CVE-2008-5434 affects PunBB 1.3 and 1.3.1, with multiple SQL injection vulnerabilities exploitable by remote authenticated administrators via (1) order_by or (2) direction in admin/users.php, and (3) configuration options in admin/settings.php. The underlying issue enables arbitrary SQL command e...