Burning Board Security Vulnerabilities and Issues — Burning Board CVE List

Lucene search

WoltlabBurning Board

4 matches found

CVE•added 2008/04/09 9:5 p.m.•29 views

CVE-2008-1716

Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message...

4.3CVSS5.7AI score0.00475EPSS

CVE•added 2008/02/21 12:44 a.m.•28 views

CVE-2008-0857

SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page.

7.5CVSS8.3AI score0.00385EPSS

CVE•added 2008/01/29 8:0 p.m.•27 views

CVE-2008-0472

Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.

4.3CVSS6.7AI score0.00145EPSS

CVE•added 2008/04/09 9:5 p.m.•23 views

CVE-2008-1717

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

5CVSS6.6AI score0.00516EPSS