Burning Board@* Security Vulnerabilities and Issues — Burning Board@* CVE List

Lucene search

WoltlabBurning Board*

5 matches found

CVE•added 2007/01/19 11:28 p.m.•58 views

CVE-2007-0388

SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.

7.5CVSS8.3AI score0.00342EPSS

CVE•added 2006/03/21 1:6 a.m.•42 views

CVE-2006-1324

Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.

6.8CVSS6.1AI score0.12774EPSS

CVE•added 2004/09/01 4:0 a.m.•38 views

CVE-2002-1505

SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.

7.5CVSS8.2AI score0.00329EPSS

CVE•added 2005/04/26 4:0 a.m.•38 views

CVE-2005-1285

Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter.

6.8CVSS6AI score0.00416EPSS

CVE•added 2005/05/02 4:0 a.m.•38 views

CVE-2005-1327

Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.

4.3CVSS5.8AI score0.00351EPSS