Lucene search

[email protected]CVE-2006-3219

HistoryJun 24, 2006 - 10:06 a.m.

CVE-2006-3219

2006-06-2410:06:00

[email protected]

web.nvd.nist.gov

cve-2006-3219

sql injection

woltlab burning board

wbb 2.2.2

thread.php

remote attack

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.7%

JSON

SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands via the threadid parameter.

Affected configurations

NVD

Node

woltlabburning_boardMatch2.2.2

CPENameOperatorVersion
woltlab:burning_boardwoltlab burning boardeq2.2.2

CPE	Name	Operator	Version
woltlab:burning_board	woltlab burning board	eq	2.2.2

References

securityreason.com/securityalert/1143

www.securityfocus.com/archive/1/437114/100/100/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/27138

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.7%

JSON

Related for CVE-2006-3219

nvd1 cvelist1