Burning Board Security Vulnerabilities and Issues — Burning Board CVE List

Lucene search

WoltlabBurning Board

6 matches found

CVE•added 2005/05/17 4:0 a.m.•46 views

CVE-2005-1642

SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.

7.5CVSS8.4AI score0.0051EPSS

CVE•added 2005/08/23 4:0 a.m.•46 views

CVE-2005-2673

SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) x or (2) y parameters.

7.5CVSS8AI score0.0029EPSS

CVE•added 2005/05/02 4:0 a.m.•40 views

CVE-2005-0661

SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie.

7.5CVSS8.8AI score0.00431EPSS

CVE•added 2005/04/26 4:0 a.m.•38 views

CVE-2005-1285

Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter.

6.8CVSS6AI score0.00416EPSS

CVE•added 2005/05/02 4:0 a.m.•38 views

CVE-2005-1327

Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.

4.3CVSS5.8AI score0.00351EPSS

CVE•added 2005/07/14 4:0 a.m.•27 views

CVE-2002-2021

Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

4.3CVSS6AI score0.00401EPSS