Burning Board Security Vulnerabilities and Issues — Burning Board CVE List

Lucene search

WoltlabBurning Board

4 matches found

CVE•added 2009/09/09 7:30 p.m.•52 views

CVE-2008-7192

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a diffe...

6.8CVSS7.2AI score0.00145EPSS

CVE•added 2006/03/21 1:6 a.m.•42 views

CVE-2006-1324

Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.

6.8CVSS6.1AI score0.12774EPSS

CVE•added 2005/04/26 4:0 a.m.•38 views

CVE-2005-1285

Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter.

6.8CVSS6AI score0.00416EPSS

CVE•added 2006/08/24 1:4 a.m.•38 views

CVE-2006-4317

Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript.

6.8CVSS5.9AI score0.01214EPSS