Lucene search

[email protected]CVE-2006-3255

HistoryJun 28, 2006 - 1:45 a.m.

CVE-2006-3255

2006-06-2801:45:00

[email protected]

web.nvd.nist.gov

cve-2006-3255

sql injection

woltlab burning board

wbb 1.2

remote attack

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

SQL injection vulnerability in showmods.php in Woltlab Burning Board (WBB) 1.2 allows remote attackers to execute arbitrary SQL commands via the boardid parameter.

Affected configurations

NVD

Node

woltlabburning_boardMatch1.2

CPENameOperatorVersion
woltlab:burning_boardwoltlab burning boardeq1.2

CPE	Name	Operator	Version
woltlab:burning_board	woltlab burning board	eq	1.2

References

securityreason.com/securityalert/1153

securitytracker.com/id?1016374

www.securityfocus.com/archive/1/438184

www.securityfocus.com/bid/18597

exchange.xforce.ibmcloud.com/vulnerabilities/27353

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

Related for CVE-2006-3255

cvelist1 nvd1