Lucene search

K
WoltlabBurning Board Lite

6 matches found

CVE
CVE
added 2007/12/24 8:46 p.m.77 views

CVE-2007-6518

Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.

7.5CVSS8.5AI score0.00591EPSS
CVE
CVE
added 2006/12/05 11:28 a.m.43 views

CVE-2006-6289

Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the wbb_userid parameter to the top-level URI. ...

6.8CVSS8AI score0.04587EPSS
CVE
CVE
added 2007/03/14 12:19 a.m.40 views

CVE-2007-1443

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6) r_i...

4.3CVSS5.8AI score0.00581EPSS
CVE
CVE
added 2007/02/07 11:28 a.m.39 views

CVE-2007-0812

SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0] parameter.

7.5CVSS7.9AI score0.00771EPSS
CVE
CVE
added 2006/12/03 7:28 p.m.37 views

CVE-2006-6237

SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter.

7.5CVSS8.4AI score0.01186EPSS
CVE
CVE
added 2008/03/13 2:44 p.m.29 views

CVE-2008-1323

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board Lite (wBB) 2 Beta 1 allows remote attackers to delete threads as other users via the ThreadDelete action.

6.8CVSS6.8AI score0.00215EPSS