Woltlab Burning Board 2.3.X SQL Injection Vulnerability

2006-09-23T00:00:00
ID SECURITYVULNS:DOC:14395
Type securityvulns
Reporter Securityvulns
Modified 2006-09-23T00:00:00

Description

Use it like this:

http://127.0.0.1/wbb2/thread.php?threadid=1&page=-1

Ok, its kinda useless 'cause it's an "ORDER BY", but u can see:

  • the PHP Version
  • the MySQL version
  • the wBB Version (when it has been faked or removed)

Greets,

666 - www.sr-crew.de.tt