Sql injection

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to 1 infodb.php or 2 database.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to 1 infodb.php or 2 database.php...

CVE-2006-1094

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to 1 infodb.php or 2 database.php...

CVE-2006-1097

Multiple cross-site scripting XSS vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to 1 infodb.php or 2 database.php...

CVE-2006-1097

Multiple cross-site scripting XSS vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to 1 infodb.php or 2 database.php...

CVE-2006-1097

The CVE-2006-1097 applies to Woltlab Burning Board’s Datenbank MOD 2.7 and earlier. The vulnerability is a cross-site scripting (XSS) flaw triggered via the fileid parameter in either info_db.php or database.php, allowing remote attackers to inject arbitrary scripts/HTML. The root cause is improp...

CVE-2006-1094

CVE-2006-1094 affects Woltlab Burning Board; the OpenVAS/NVD entries describe a SQL injection in the Database module. The vulnerable component is the Database module’s handling of the fileid parameter in info_db.php (and related database.php), which can allow remote SQL injection. The documents d...

CVE-2006-1094

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to 1 infodb.php or 2 database.php...

woltlabBB2x.txt

--Security Report-- Advisory: Woltlab Burning Board 2.x Datenbank MOD fileid Multiple Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 01/03/06 01:33 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: WbbCoderForum...

Woltlab Burning Board 2.x (Datenbank MOD fileid) Multiple Vulnerabilities.

--Security Report-- Advisory: Woltlab Burning Board 2.x Datenbank MOD fileid Multiple Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 01/03/06 01:33 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: WbbCoderForum...

Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: wbb.pl victim directory modpage dbnum userid Original Advisory: http://www.nukedx.com/?viewdoc=17 use IO::Socket; if@ARGV 5 print ...

Woltlab Burning Board 2.x - Datenbank MOD fileid SQL Injection

Woltlab Burning Board 2.x - Datenbank MOD fileid SQL Injection !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: wbb.pl Original Advisory: http://www.nukedx.com/?viewdoc=17 use IO::Socket; if@ARGV + + Example: wbb.p...

Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection

Exploit for unknown platform in category web applications ===================================================================== Woltlab Burning Board 2.x Datenbank MOD fileid Remote SQL Injection ===================================================================== !/usr/bin/perl Method found &...

Woltlab Burning Board 2.x - Datenbank MOD 'fileid' SQL Injection

!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: wbb.pl Original Advisory: http://www.nukedx.com/?viewdoc=17 use IO::Socket; if@ARGV + + Example: wbb.pl sux.com / infodb.php 1 1 + + Method found & Exploit scripted ...