Woltlab Burning Board Lite "search.php" SQL Injection Vulnerabilities

Multiple vulnerabilities have been identified in Woltlab Burning Board Lite, which could be exploited by remote attackers to execute arbitrary SQL queries. These issues are caused by input validation errors in the "search.php" script when processing the "showposts", "sortby" and "sortorder" parameters, which could be exploited to conduct SQL injection attacks.

Woltlab Burning
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to <a href="mailto:[email protected]" target=“_blank”>[email protected]</a>.