Lucene search
HistoryJan 19, 2007 - 11:28 p.m.
CVE-2007-0388
cve-2007-0388
sql injection
search.php
woltlab burning board
nvd
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%
SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.
Affected configurations
Node
woltlabburning_boardRange≤1.0.2
ORwoltlabburning_boardRange≤2.3.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| woltlab:burning_board | woltlab burning board | le | 1.0.2 |
| woltlab:burning_board | woltlab burning board | le | 2.3.6 |
Related
cvelist
cvelist
CVE-2007-0388
2007-01-19 23:00:00
prion
prion
Sql injection
2007-01-19 23:28:00
nessus
nessus
WoltLab Burning Board search.php Multiple Parameter SQL Injection
2007-01-18 00:00:00
nvd
nvd
CVE-2007-0388
2007-01-19 23:28:00
securityvulns
securityvulns
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%
Related for CVE-2007-0388