CVE-2009-2276

PunBB <1.0.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dante90 · perlwebappsphp

https://www.exploit-db.com/exploits/9058

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9058

Scores

EPSS 0.0023

EPSS Percentile 46.1%

Details

CWE

CWE-89

Status published

Products (2)

biglle/vote_for_us_extension 1.0

biglle/vote_for_us_extension < 1.0.1

Published Jul 01, 2009

Tracked Since Feb 18, 2026