Lucene search
HistoryJan 19, 2007 - 11:28 p.m.
CVE-2007-0388
cve-2007-0388
sql injection
search.php
woltlab burning board
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.1%
SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.
Affected configurations
Node
woltlabburning_boardRange≤1.0.2
ORwoltlabburning_boardRange≤2.3.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| woltlab:burning_board | woltlab burning board | le | 1.0.2 |
| woltlab:burning_board | woltlab burning board | le | 2.3.6 |
Related
cvelist
cvelist
CVE-2007-0388
2007-01-19 23:00:00
nessus
nessus
WoltLab Burning Board search.php Multiple Parameter SQL Injection
2007-01-18 00:00:00
nvd
nvd
CVE-2007-0388
2007-01-19 23:28:00
prion
prion
Sql injection
2007-01-19 23:28:00
securityvulns
securityvulns
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.1%
Related for CVE-2007-0388